We have been using squid successfully with NTLM auth and NT domain groups, and squid ACLs to limit web browsing to either a positive or negative list of sites.
Due to the US Homeland Security recommendation, http://www.kb.cert.org/vuls/id/713878, to disable scripting in Internet Explorer, I would like to disable the use of IE with squid. So, I would like to know if squid has an ACL that will work against the browser useragent? I can't rely on the users to willing stop using IE. Further, I cannot simply remove IE, since it is used for some Intranet and Extranet web sites. However, beyond those sites, I want the users to run Mozilla for all generic browsing. (Mozilla now supports NTLM auth on Win32!!! :-> ) I have searched the mailing lists, and read "Squid - The Definitive Guide" but did not find an ACL based on useragent. Of course, maybe I missed it. If there is not a useragent ACL, does squid offer an ACL that is based on the headers the browser sent to squid? Thanks -- david
