1) Thanks! 2)Here is my ACL and http access lines: acl bad_url dstdomain "/xxx/Squid/etc/bad-sites.squid" acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl our_networks src 192.168.16.0/255.255.255.0 acl to_localhost dst 127.0.0.0/8 acl workdays time MTWHF 8:30-12:00 acl workdays time MTWHF 13:30-18:00 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # Restrict cachemgr access http_access allow manager localhost http_access deny manager # Block access to banned URLs http_access deny bad_url workdays # Allow users access on workdays http_access allow our_networks workdays #http_access allow out_networks # Deny everything else http_access deny all # # #Recommended minimum configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager http_access deny bad_url # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports 4) All I know is going through the squid as a proxy server disables the login prompt. If I just access it with out proxy then I get an authentication box. 5) Again can you explain this to me for me to get pages blocked to work: >>> Yes. Create an ACL for normal login. Adding it to the end of the line >>> For example: >>> ... login setup >>> acl loginACL proxy_auth REQUIRED >>> http_access deny our_networks bad_url workdays !loginACL 6) Will look into WCCP and BSD...thanks
