I have 2 problems: 1) Error message displayed Until 2 months ago my squid.conf was based on ip acl and, to prevent porn sites, there was this acl: a) acl based on ip acl porn url_regex "c:/squid/block/pornblock.txt" acl mycompany_ip_no_restriction src 172.16.99.2 172.16.100.34 http_access deny porn !mycompany_ip_no_restriction deny_info ERR_PORN_ACCESS_DENIED porn b) Now squid is based on windows domain groups and acl is: acl porn dstdomain "c:/squid/block/pornblock.txt" http_access deny porn !Proxy_All_Open deny_info ERR_PORN_ACCESS_DENIED porn In c:squid\share\errors\Italian\ERR_ACCESS_DENIED there is my customized html file. The problem is that while using acl "a" my error messagge is correctely displayed, with acl "b" the messagge is always c:\squid\share\errors\Italian\ERR_CACHE_ACCESS_DENIED (I report english version) Cache Access Denied Sorry, you are not currently allowed to request: from this cache until you have authenticated yourself. Do someone know what is wrong? 2) dstdomain problem In order to block porn sites I used dstdomain acl porn dstdomain "c:/squid/block/pornblock.txt" And in c:/squid/block/pornblock.txt I added urls like these: .playboy.com .superfiga.com .... The problem is that all sites containing one of the above world were blocked while I need to block only entire urls and not those matching a word contained in this file. Example: I want to block only www.playboy.com or www.superfiga.com but NOT www.mysite.playboy.com or www.ciao.superfiga.com The only workaround I founded is to duplicate entries in pornblock.txt; example: playboy.com www.playboy.com Unfortunately this solution takes 60/80 seconds to squid service start instead 15/20 seconds Moreover I would like to write in log file the name of acl that is blocking a site in order to help debugging. Do someone know another solution for dstdomain and log? Thanks Marco
