How do I implement an ACL ban list?
As an example, we will assume that you would like to prevent users from accessing cooking recipes. One way to implement this would be to deny access to any URLs that contain the words “cooking” or “recipe.” You would use these configuration lines: acl Cooking1 url_regex cooking acl Recipe1 url_regex recipe http_access deny Cooking1 http_access deny Recipe1 http_access allow all The url_regex means to search the entire URL for the regular expression you specify. Note that these regular expressions are case-sensitive, so a url containing “Cooking” would not be denied. Another way is to deny access to specific servers which are known to hold recipes. For example: acl Cooking2 dstdomain www.gourmet-chef.com http_access deny Cooking2 http_access allow all The dstdomain means to search the hostname in the URL for the string “www.gourmet-chef.com.” Note that when IP addresses are used in URLs (instead of domain names), Squid-1.1 implements relaxed access controls. If the a domain name
