>Thanks for the help You're quite welcome.
>(I actually did try to find this answer but couldn't .... and decided to > ask the list for its help (thinking that was, in fact, the purpose of > the list.)) Yes, that is the purpose of the list. However, you did not indicate in your question that you had checked the archive. And I didn't simply tell you to "RTFM" - I answered your question, then gently asked you to search the archives next time (I DID use "please", after all). If I had known you had already checked, I would have skipped that part. >Anyway, let me ask a followup question .... what if I want to disallow >all .exe files EXCEPT those from microsoft.com? is that possible? Feel >free, as I know you will, to tell me to RTFM, but any help in locating >the right place in the right FM would be greatly appreciated. I'm not going to tell you to simply RTFM. I would post an answer here, but I see you have already received several good responses. I will, however, point you to the Configuration Guide on the Squid website, and the default config file that comes with Squid. Both have an extensive section on the various types of acls and what they do. Yes, the Configuration Guide is for 2.4, not 2.5, but most of the info there is valid, and a quick check of the config file will let you know if there are any differences. One more thing (this is probably in the FAQ, but I'm not sure offhand): when you put entries on an acl line like acl progs urlpath_regex \.exe$ \.zip$ the acl will match any of the items on the line. However, when you have an _access acl, such as http_access allow progs microsoft the line will only match if it matches everything. The distinction is important, and very useful. Adam
