Hi Amos, You are right, I didn't explain myself properly. We use ident to identify our users. One user with IE or firefox wants to go to one Facebook. He receives a wonderful deny message saying that he is not allowed. Same user with Chrome does the same and he is able to access to Facebook. After doing some research I found out that this only happens if I use https. Here is the conf file. I've made a little modifications just to show the important things: cache_effective_user proxy cache_effective_group proxy visible_hostname x.x.x.x unique_hostname x.x.x.x coredump_dir /data/squid http_port 3128 cache_access_log /data/squid/logs/access.log cache_access_log /data/squid/logs/access.log cache_store_log /data/squid/logs/store.log cache_log /data/squid/logs/cache.log pid_filename /data/squid/logs/squid.pid logfile_rotate 2 via off forwarded_for off dns_nameservers x.x.x.x positive_dns_ttl 8 hours negative_dns_ttl 30 seconds cache_replacement_policy heap LFUDA cache_swap_low 90 cache_swap_high 95 maximum_object_size_in_memory 20 KB cache_dir aufs /data/squid/cache 16000 16 256 cache_mem 16 MB memory_pools off maximum_object_size 64 MB quick_abort_min 0 KB quick_abort_max 0 KB log_icp_queries off client_db off buffered_logs on half_closed_clients off negative_ttl 0 minutes external_acl_type myIdent children=15 %SRC %IDENT /usr/bin/perl /data/squid/scripts/myIdentUsers.pl acl ident_auth external myIdent REQUIRED acl WebUsers ident "/data/squid/groups/WebUsers" acl Socialnet dstdomain "/data/squid/blacklists/socialnet/domains" http_access deny Socialnet http_access allow WebUsers Thanks for your help. Regards. >>> Amos Jeffries <squid3@xxxxxxxxxxxxx> 19/09/2012 2:53 >>> On 19/09/2012 1:45 a.m., Jaime Gomez wrote: > Hi all, > > We have a very weird issue. I've been googling but couldn't find the answer. We have our Squid (Squid Cache: Version 3.1.18) configured in order to do some content filter. For instance: some people can access Facebook and other social Webpages while others don't. The weird issue is that people with Chrome can skip this acl. With IE and Firefox it works. How is this possible? It might be because you configured it to happen. Or that Chrome is simply not using the proxy. Some information about what your configuration actually is would help (details please). Amos
