Le 12/03/2018 à 10:37, Nux! a écrit : > Another idea - but this gets complicated and with that, prone to > faults - use a simple shell script to resolve the desired domains and > keep their IPs in an ipset, then use the ipset in your firewall > rules, this way you can keep your iptables rules static, your squid > config static and simply add or remove IPs from the ipset. Following a suggestion from Yuri Voinov on the Squid mailing list, I've found a better solution that works perfectly. I've added it to my blog here: https://blog.microlinux.fr/squid-exceptions/#squid Cheers, Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : info at microlinux.fr Tél. : 04 66 63 10 32