A suggestion:
Create a file /etc/squid/blocked_domains containing a list of all the domains you want to block, each on a separate line. It would look something like this:
Code:
#touch /etc/squid/blocked_domains
#vi /etc/squid/blocked_domains
xxx
.sex.com
.google.com
Then chown the file to root:squid and chmod it to 640.
Code:
#chown root:squid /etc/squid/blocked_domains   (root.squid is the older, equivalent spelling)
#chmod 640 /etc/squid/blocked_domains
Finally, add this acl:
Code:
# each line of the file is a regular expression; -i makes the match case-insensitive
acl BLOCKED_DOMAINS dstdom_regex -i "/etc/squid/blocked_domains"
http_access deny BLOCKED_DOMAINS
This way you can manage the blocked domains using the file /etc/squid/blocked_domains without revisiting the squid settings.
REMEMBER to reload squid if you make changes to the file.
Code:
#/etc/init.d/squid reload
One more IMPORTANT note:
Squid processes your rules in sequential order, so using:
Code:
acl OUR_NETWORKS src 10.159.207.0/24
http_access allow OUR_NETWORKS
acl BLOCKED_DOMAINS dstdom_regex -i "/etc/squid/blocked_domains"
http_access deny BLOCKED_DOMAINS
will allow all machines on the 10.159.207.0/24 network unrestricted access, since the deny rule will not be tested for any hosts coming from the defined network.
As a general rule, you should put all your DENY rules BEFORE any ALLOW rules, then check the order of each group to ensure they are being enforced correctly.
Hope this was useful.
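Two checks that go with the setup in the post above, as an added example that is not part of the original post or of Squid itself. Because dstdom_regex lines are regular expressions, an entry like ".sex.com" has an unescaped dot that matches any character: it matches www.sex.com, but also essex.com and asexy.computer, and it does not match the bare apex sex.com at all, since nothing precedes the "s". The first helper below rewrites a plain domain list into escaped, anchored patterns of the form (^|\.)sex\.com$ so that only the domain and its subdomains match; the second simulates the -i match against a hostname with grep; the third flags the ordering mistake from the post, where an http_access allow precedes the deny. The domain list, the squid.conf snippet and the file names under the temporary directory are constructed here for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post or from Squid. Sample files are
# constructed below; run with any POSIX sh.

# Turn a plain domain list (one per line; '#' comments and blank lines allowed)
# into anchored regexes for a dstdom_regex ACL: a leading dot is dropped, each
# dot is escaped and the pattern is anchored, so ".sex.com" and "sex.com" both
# become "(^|\.)sex\.com$". That matches sex.com and www.sex.com only.
domains_to_regex() {
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' \
        -e 's/^\.//' -e 's/\./\\./g' -e 's/^/(^|\\.)/' -e 's/$/$/' "$1"
}

# Simulate "dstdom_regex -i": return 0 when any pattern in the regex file
# matches the hostname $2, case-insensitively, as Squid's ACL would.
host_blocked() {
    printf '%s\n' "$2" | grep -qiEf "$1"
}

# Return 0 when "http_access deny <acl>" comes before the first
# "http_access allow" in the given squid.conf, 1 otherwise. Squid stops at the
# first matching http_access line, so an earlier allow hides the deny.
deny_precedes_allow() {
    conf=$1
    aclname=$2
    deny_line=$(grep -nE "^[[:space:]]*http_access[[:space:]]+deny[[:space:]]+$aclname([[:space:]]|$)" "$conf" \
        | head -n1 | cut -d: -f1)
    allow_line=$(grep -nE "^[[:space:]]*http_access[[:space:]]+allow" "$conf" \
        | head -n1 | cut -d: -f1)
    [ -n "$deny_line" ] || return 1
    [ -z "$allow_line" ] && return 0
    [ "$deny_line" -lt "$allow_line" ]
}

# Constructed sample input: the same three entries as the post's example file.
workdir=$(mktemp -d)
cat > "$workdir/blocked_domains.txt" <<'EOF'
# constructed sample list
xxx
.sex.com
google.com
EOF
domains_to_regex "$workdir/blocked_domains.txt" > "$workdir/blocked_domains.regex"

# Constructed squid.conf fragment reproducing the ordering mistake from the post.
cat > "$workdir/squid.conf" <<'EOF'
acl OUR_NETWORKS src 10.159.207.0/24
http_access allow OUR_NETWORKS
acl BLOCKED_DOMAINS dstdom_regex -i "/etc/squid/blocked_domains"
http_access deny BLOCKED_DOMAINS
EOF

if deny_precedes_allow "$workdir/squid.conf" BLOCKED_DOMAINS; then
    echo "order ok: deny BLOCKED_DOMAINS precedes the first allow"
else
    echo "WARNING: an http_access allow precedes deny BLOCKED_DOMAINS; allowed clients never reach the deny"
fi
```

Point the generated regex file at the acl instead of the hand-written list, run `squid -k parse` after editing, and reload. Note that the rewrite makes "xxx" an exact domain match rather than the substring match the original entry gives; keep a raw pattern line if substring matching is what you want.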