> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> #acl Safe_ports port 8080
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow password

What's the 'password' ACL? If it's matched here, users are granted access, and all following rules are ignored.

> acl lan src 192.168.0.0/255.255.255.0
> acl lan1 src 192.168.1.0/255.255.255.0
> acl lan2 src 192.168.2.0/255.255.255.0
> acl lan3 src 192.168.3.0/255.255.255.0
>
> acl restricted_sites url_regex -i myspace.com
> acl restricted_sites url_regex -i schoolies.com
> acl restricted_sites url_regex -i
> killjeeseday.freewebpage.org/lol.html
> acl restricted_sites url_regex -i earth.google.com
> acl restircted_sites url_regex -i
> kh.google.com/download/earth/index.html
> acl restricted_sites url_regex -i 211.27.149.18/webbook
> acl restricted_sites url_regex -i maps.google.com
> acl restricted_sites url_regex -i runescape.com
> acl restricted_sites url_regex -i runehq.com
>
> acl user_passwords proxy_auth REQUIRED
>
> http_access deny !restricted_sites lan
> http_access deny !restricted_sites lan1
> http_access deny !restricted_sites lan2
> http_access deny !restricted_sites lan3

So move the 'http_access allow password' (http_access allow user_passwords?) to here.

> http_access deny all

Joost
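The ordering point made in the reply above, as an added example that is not part of the original message and is not Squid code: a simplified Python model of first-match http_access evaluation, run over the posted rule order and the moved one. It assumes the undefined 'password' ACL behaves like 'proxy_auth REQUIRED', keeps only one LAN and two of the URL patterns, and uses a constructed request.

```python
# Simplified model of Squid http_access evaluation (added example, not Squid code).
import ipaddress
import re

# ACLs from the quoted config, reduced to the ones that matter here.
LAN = ipaddress.ip_network("192.168.0.0/255.255.255.0")
RESTRICTED = [re.compile(p, re.I) for p in ("myspace.com", "runescape.com")]

ACLS = {
    "all": lambda req: True,
    "lan": lambda req: ipaddress.ip_address(req["src"]) in LAN,
    "restricted_sites": lambda req: any(p.search(req["url"]) for p in RESTRICTED),
    # Assumption: 'password' behaves like 'proxy_auth REQUIRED'.
    "password": lambda req: req["authenticated"],
}

def acl_matches(name, req):
    """Evaluate one ACL reference; a leading '!' negates it."""
    if name.startswith("!"):
        return not ACLS[name[1:]](req)
    return ACLS[name](req)

def http_access(rules, req):
    """Return (action, rule text) for the first rule whose ACLs all match."""
    for action, *names in rules:
        # ACLs on one http_access line are ANDed together.
        if all(acl_matches(n, req) for n in names):
            return action, " ".join([action, *names])
    # No rule matched: the result is the opposite of the last rule's action.
    last = rules[-1][0]
    return ("deny" if last == "allow" else "allow"), "(default)"

# Rule order as posted: the allow comes before the per-LAN deny.
POSTED = [
    ("allow", "password"),
    ("deny", "!restricted_sites", "lan"),
    ("deny", "all"),
]
# Rule order after moving the allow below the per-LAN deny.
MOVED = [
    ("deny", "!restricted_sites", "lan"),
    ("allow", "password"),
    ("deny", "all"),
]

# Constructed request: authenticated LAN client, URL not matched by restricted_sites.
REQ = {"src": "192.168.0.25", "url": "http://example.org/", "authenticated": True}
```

With the posted order the request stops at the allow line and the LAN rule is never evaluated; with the moved order the LAN rule decides first.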