> -----Original Message----- > From: Fajar Priyanto > > 1. Can windowsupdate.microsoft.com be denied rather than redirected?
Sure. _Put 'windowsupdate.microsoft.com' in a squidGuard domains file. _Reference that domains file in a destination group in your squidGuard.conf file. _Prohibit that destination group in the acl section of your squidGuard.conf file. Works fine. Only blocks the windowsupdate.microsoft.com sub-domain. > > In my access.log shows: > 1061255076.570 3030 192.168.0.11 TCP_MISS/200 303 HEAD > http://windowsupdate.microsoft.com/ident.cab - DIRECT/127.0.0.1 text/html > 1061255076.613 26 192.168.0.11 TCP_MISS/200 303 HEAD > http://windowsupdate.microsoft.com/ident.cab - DIRECT/127.0.0.1 text/html > 1061255076.654 26 192.168.0.11 TCP_MISS/200 303 HEAD > http://windowsupdate.microsoft.com/ident.cab - DIRECT/127.0.0.1 text/html Those are strange. What controls and/or redirection was in place to produce those? The request was approved (200) and the object was fetched from 127.0.0.1 (instead of 207.46.134.30). If you block it with squidGuard as I explained above your access.log will show the request was Forbidden (403), and the Hierarchy will show the ip of the machine that hosts your squidGuard redirect page. Will that work for you? Rick
