It is better to add the acls on the squid than on the firewall. Proxy servers will give good performance compared to the firewalls in acls.
Regards
Dharmu
On Wed, 2003-05-07 at 17:35, Walter Priesnitz Filho wrote:
Hi, I have this environment, a subnetwork (192.168.0.0) that access another subnetwork (192.168.59.0) and then access the internet. The second lan has a proxy server (squid:3128). I need to block the requests in th first lan to the squid server to some sites. How can I do this? I've tried this iptables -A FORWARD -p tcp -m multiport --dport 80,443,3128 -d www.someplace.com -j DROP but doesn't work. Can anybody help-me? Regards, Walter -------------------------------------------- Walter Priesnitz Filho - UIN 121745902 http://camva.ucs.br/~walterp/ Linux user 268789 - http://counter.li.org/ --------------------------------------------