I have a network where I only want the computers to be able to get out to Windows updates and their AV software. Both of those things work on URLs and not IPs. Is the correct way to go about this command line on the ER with some commands like:
url-filtering {
squidguard {
redirect-url http://google.com
rule 10 {
local-allow windowsupdate.microsoft.com
local-allow *.windowsupdate.microsoft.com
local-allow *.update.microsoft.com
local-allow *.windowsupdate.com
local-allow download.windowsupdate.com
local-allow download.microsoft.com
local-allow *.download.windowsupdate.com
local-allow test.stats.update.microsoft.com
local-allow ntservicepack.microsoft.com
source-group LAN-desktops
}
source-group LAN-desktops {
address 192.168.10.2-192.168.10.254
}
Is there a better way to go about this?