any squid guru's about acl help reqd

[Rob Clark]

my acl list is set to
allow certain ips on lan full access
allow desc_acl
deny all

desc_acl has dst fedex.com

which i want to allow effectivle *.fedex.com and specifically our fedex sw which tunnels thru it but its denied, works when i set allow all tho so my rules are stopping it somehow ?

help

 

[Noodle999]

Slow reply I know, but can you paste the exact ACL settings as in the config, or if you'd rather not then feel free to PM?

 

[Rob Clark]

heh ty, i sorted it by hook or by crook as most of the examples are for blocked content rather than allowing.
I have the standard config with 2 extra acl's. 1 lists machines ip's which are granted unconditional access, the other lists an allowed list for everyone else. The allowed list is now fudged to work using dstdom_regex -i fedex.com which allows anything with fedex.com in the url to access which is good enuf but not watertight. my only other issue is with it not allowing local addresses which is fine for ie as have setup a GPO but firefox has to have it entered manually.
is dstdom_regex the correct way to allow domains in a *.fedex.com manner ?