On Wed, Mar 10, 2004 at 09:51:37AM -0500, Tim Neto wrote: > I'd recommend: > acl blockdc_yahoo dstdomain .yahoo.com > acl blockdc_hotmail dstdomain .hotmail.com > acl break_time1 time 08:30-08:45 > acl break_time2 time 15:30-15:45 > http_access deny !break_time1 !break_time2 blockdc_yahoo > blockdc_hotmail cl_no > http_acces allow cl_no > > Break out the dstdomain to one (1) per ACL.
I am not sure I would like to do that. I might have 10s of URL later there. Also, I could use one acl when I was blocking using IPs so why not now. One more strange thing. When cl_no users login they now cannot see yahoo or hotmail, which is fine, but when they try oter sites like for e.g. www.reliance.com they can see the site but the pop-up box asking for username and password keeps coming even when I enter correct username and password. In access.log I see, 1078930602.788 95 192.168.10.20 TCP_IMS_HIT/304 211 GET http://www.relianceinfo.com/Infocomm/swf/vars10.txt shilpa NONE/- text/plain For the other users who are not time banned it comes only one time. What is wrong? With warm regards, -Payal
