So you all know, Kinkie's comment worked just fine! I replaced domain.com with .domain.com and everything works ok now. Regards, Fred On 2/2/06, Kinkie <kinkie-squid@xxxxxxxxx> wrote: > On Thu, 2006-02-02 at 10:39 -0400, wireless IT professional wrote: > > Dear fellows, > > One question about squid: is it possible to "tell" Squid to permit > > access from one IP in my LAN to ONLY one specific domain? Any other > > traffic from that particular IP directed to ANY other domains must be > > denied. Also, the rest of IPs in the LAN must continue to have total > > http access to any site. > > > > I tried with: > > > > acl blocked src 192.168.1.59/32 > > acl allowed dstdomain domain.com > > Is the client only accessing http://domain.com/something? > Because if it's http://something.domain.com/somethingelse > then you want to specify > > acl allowed dstdomain .domain.com > ^^^ > > > http_access allow blocked allowed > > http_access deny blocked > > acl our_networks src 192.168.1.0/24 > > http_access allow our_networks > > > > but it did not work! With these acls the .59 IP gets completely blocked > > > > Thanks in advance for any light you may shed upon. > > Regards, > > Fred > > > > Kinkie >
