So what if you want to allow or block an entire domain with a single entry in a wildcard list?
There are a couple of use cases to consider. The first is when you want to match URL.Host only on www.domain.com and domain.com. We'll ignore the fact that www.domain.com and domain.com won't always resolve to the same server (usually they will, and in most cases administrators will want to allow (or block) domain.com if they are going to allow (or block) www.domain.com). The other use case is when you want to match domain.com, www.domain.com, foo.domain.com and foo.bar.domain.com. In short, the second use case is where you want to cover *.domain.com and domain.com with a single entry.
AFAIK the best (simplest) single entry wildcard list form for use case 1 is: regex((www\.)?domain\.com)
AFAIK the best (simplest) single entry wildcard list form for use case 2 is: regex((.+\.)*domain\.com)
Now a lot of people aren't comfortable with regex and like GLOB a lot better (because it's easier for the non-regex savvy people to read, and it's also easier to convert existing domain lists), or they might be looking for a solution that doesn't even use wildcard lists (match operations will be faster). Here is an example ruleset that has rules that use GLOB in wildcard lists, or regex in wildcard lists, or just straight string lists to accomplish the same thing.
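To see what the two regex forms above and their GLOB equivalents actually match (and, just as importantly, what they do not), here is an added Python example that is not part of the original post or of any ruleset attached to it. It assumes the wildcard list compares the whole URL.Host value against the entry (full-match semantics) and that hosts are lowercased before comparison; the host names other than domain.com are constructed samples. The last function shows the caveat a defender should check: if a regex engine does a substring search instead of a full match, the use case 2 pattern also matches hosts that merely end in "domain.com", so anchor with ^ and $ in that case.

```python
import re
from fnmatch import fnmatchcase

# Use case 1: match only domain.com and www.domain.com (pattern from the post).
USECASE1_REGEX = r"(www\.)?domain\.com"
# Use case 2: match domain.com and every subdomain under it (pattern from the post).
USECASE2_REGEX = r"(.+\.)*domain\.com"

# GLOB equivalents, written as two plain list entries each (constructed lists).
USECASE1_GLOBS = ("domain.com", "www.domain.com")
USECASE2_GLOBS = ("domain.com", "*.domain.com")

# Constructed sample hosts; the last two are look-alikes that must NOT match.
SAMPLE_HOSTS = [
    "domain.com",
    "www.domain.com",
    "foo.domain.com",
    "foo.bar.domain.com",
    "notdomain.com",
    "domain.com.evil.example",
]


def regex_entry_matches(host: str, pattern: str) -> bool:
    """Assumption: the list entry is compared against the whole host value,
    so re.fullmatch models the check (no leading or trailing slack)."""
    return re.fullmatch(pattern, host.lower()) is not None


def regex_substring_matches(host: str, pattern: str) -> bool:
    """Same pattern under substring-search semantics, for comparison only.
    An unanchored search finds 'domain.com' inside 'notdomain.com'."""
    return re.search(pattern, host.lower()) is not None


def glob_list_matches(host: str, globs) -> bool:
    """fnmatchcase: '*' matches any run of characters, dots included, so the
    single entry '*.domain.com' covers foo.domain.com and foo.bar.domain.com."""
    h = host.lower()
    return any(fnmatchcase(h, g) for g in globs)


def evaluate(host: str) -> dict:
    """Result of every list form for one host, keyed by list form."""
    return {
        "uc1_regex": regex_entry_matches(host, USECASE1_REGEX),
        "uc2_regex": regex_entry_matches(host, USECASE2_REGEX),
        "uc1_glob": glob_list_matches(host, USECASE1_GLOBS),
        "uc2_glob": glob_list_matches(host, USECASE2_GLOBS),
    }


if __name__ == "__main__":
    for h in SAMPLE_HOSTS:
        print(f"{h:28s} {evaluate(h)}")
    print("substring search, notdomain.com, use case 2:",
          regex_substring_matches("notdomain.com", USECASE2_REGEX))
```

Both the regex and the GLOB forms agree on every sample host; the only difference is readability and the cost of the match, which is the trade-off the post describes.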
Lastly, there is a feature request in to create a property that enumerates all the domains and subdomains of a given host. The Set UDP.DomainList ruleset accomplishes this and puts the possible domains in a predictable order.
This User-Defined.DomainList (list of string) property can then be used to match against string lists with entries of the form domain.com, xxx, co.uk, bbc.co.uk, etc. For efficiency's sake, though, I would highly recommend matching a single entry in the DomainList against a single string list and separating the lists you are matching against by TLD (top-level domain), 1st-level subdomain, etc. In other words, you would use ListOfString.Get(User-Defined.DomainList,1) is in list Blocked 1st Level SubDomain List, and all entries in the Blocked 1st Level SubDomain list would be of "one dot" form (co.uk, domain.com, example.com, mcafee.com), etc.
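The following is an added Python model of the DomainList idea, not the Set UDP.DomainList ruleset itself, which is not on this page. It assumes the "predictable order" is ascending by number of dots (TLD first, then the "one dot" form, and so on) with zero-based indexing, which is the ordering that makes index 1 the "one dot" entry as described above; the blocked lists and host names are constructed samples. The point it demonstrates is the efficiency argument: each level of the host is checked with one exact lookup against the list for that level, instead of scanning a wildcard list.

```python
# Constructed per-level blocked lists. Index = number of dots in each entry,
# mirroring "Blocked 1st Level SubDomain List" holding only "one dot" entries.
BLOCKED_BY_LEVEL = {
    1: {"blocked-example.com", "example.net"},   # "one dot" form
    2: {"ads.partner-example.org"},              # "two dot" form
}


def domain_list(host: str) -> list:
    """Enumerate the suffixes of a host, shortest first (assumed ordering).
    'foo.bar.domain.com' -> ['com', 'domain.com', 'bar.domain.com',
    'foo.bar.domain.com'], so index 1 is the "one dot" form.
    Trailing dots and upper case are normalised so lookups are exact."""
    labels = host.lower().rstrip(".").split(".")
    return [".".join(labels[-(i + 1):]) for i in range(len(labels))]


def is_blocked(host: str, blocked_by_level=BLOCKED_BY_LEVEL) -> bool:
    """One exact set lookup per level, the equivalent of
    ListOfString.Get(User-Defined.DomainList, n) is in list <level n list>.
    Hosts with fewer labels than a level simply skip that level."""
    suffixes = domain_list(host)
    for level, entries in blocked_by_level.items():
        if level < len(suffixes) and suffixes[level] in entries:
            return True
    return False


if __name__ == "__main__":
    for h in ("www.blocked-example.com", "cdn.ads.partner-example.org",
              "partner-example.org", "notblocked-example.com"):
        print(f"{h:30s} {domain_list(h)} blocked={is_blocked(h)}")
```

Because every entry in a level's list has the same number of dots as the DomainList element it is compared with, a plain string list (hash lookup) is enough and no wildcard matching is involved; a host like partner-example.org is not blocked by the "two dot" entry ads.partner-example.org, and a look-alike such as notblocked-example.com is not blocked by blocked-example.com, since only exact suffix equality counts.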
Message was edited by: jebeling on 10/20/11 11:15:31 AM CDT