just using squid or just using firewall will not block as you need.
you must use the firewall to block all ports going out except port 80 and port 3128 (squid)
then you auto forward all requests on port 80 to 3128 to be filtered by your squid.
then u setup your squid and filter by IP's and domains
easy...
I wrote a website howto:
http://www.orbitdesigns.net/freestuff/strongfw/
should guide you through quite easily all the steps you need.
Thanks
Chris