On 7/8/05, Eganya Alfredo <eganyaalfredo@xxxxxxxx> wrote: > > internal sites: > web.aza.cl > mail.aza.cl > > external site: > *.cl > *.com > *.net > > team free: > 125.1.1.0/24 > can acces all the web(external sites) > > team blocked: > 125.1.7.0/24 > just internal sites > # the dot before the domain names is important ( .google.com ) acl intsites dstdomain .aza.cl acl extsites dstdom_regex \.cl$ \.com$ \.net$ acl freeteam src 125.1.1.0/24 acl blockteam src 125.1.7.0/24 http_access allow blockteam intsites http_access deny blockteam !intsites # if you do not want freeteam to access internal sites # http_access deny freeteam intsites http_access allow freeteam extsites # and last rule deny all http_access deny all ----- I hope this solves your problem. visolve has good documentation about squid ACLs http://squid.visolve.com/squid/squid24s1/access_controls.htm#acl -- Regards. Abu Khaled
