On Tue, 3 Feb 2004, Leon Dippenaar wrote:

> acl download url_regex -i "/usr/local/squid/denydownload.txt"
> http_access deny download lan
> This is global and nails all MS downloads:
> Please give me a hint as to how I can make MS domain Http downloads
> possible

You could enhance the existing access control with a whitelist of sites
which should not be blocked

acl download ...

acl download-allowed dstdomain windowsupdate.microsoft.com download.microsoft.com ...

http_access deny !download-allowed download