Hallo, Thomas, Du meintest am 01.04.11: [...] > Well, I didn't see a 301/302/307 in the logs though I did > get the "blocked" redirect page handed out by squidGuard. [...] > Actually I want to do it a bit differently: If f.e. someone blocked > "facebook.com" during main business hours, they still show up in the > access_log and in the reports created from it. As more and more sites > include "Like this on facebook" buttons which refer to facebook.com, > it looks like users are accessing facebook.com even though they > aren't. But that's a squidGuard problem, no squid problem. Perhaps it's a problem of your special reporting program. For reporting I use "SARG" and "squish". For "squish" it might be very simple excluding "facebook" entries; the program gets its date via a simple "cat" command. Viele Gruesse! Helmut
