Just to add an idea, would be possible to deny squid based on group membership on LDAP (group Students for instance). Regards Giorgio -- Giorgio Pioda - Sysadmin SPSE-Tenero Cell +41 79 629 20 63 Uff. +41 91 735 62 48