Hi Tom! >At 19:44 06/11/2003 -0600, you wrote: >http://www.ISAserver.org >If you want to block the entire yahoo site, try *.yahoo.com and >yahoo.com OK, I do it like follow: Destinations sets: ----------------- 1. deny-sites = (*.yahoo.com, yahoo.com) 2. allowed_URLs_into_deny-sites = ( http://br.groups.yahoo.com, PATH=/group/superwaba/* ) Content Rules: ------------- 1. Name= DenyWholeYahoo, destinations=[(selected destination sets)=deny-sites], action=deny, applies_to=any-request This Content Rule deny the whole yahoo site, and the unique field where I can put exceptions is in the (applies_to) field, but it is only related to (client_sets) don't to (destination sets). If I create and allow rule pointed to destination_set=(allowed_URLs_into_deny-sites) (see 2 above) the deny rule (DenyWholeYahoo) have more priority, and match first! >If you need to create an exception, instruct the Site and Content Rule >that you need to create an exception. Make sure to create the >Desitnation Set that represents the exception before you create the So I didn't understand where I instruct the Site and Content Rule (ex. DenyWholeYahoo - see 1 bove) to create an exception pointing to an destination set like (allowed_URLs_into_deny-sites) (see 2 above). My intention is deny the whole yahoo for (any_request) but allow the URL (http://br.groups.yahoo.com, PATH=/group/superwaba/*) into the yahoo site for (any_request too). The client (client sets) who try to access is indeferent for me. Thanks in advance, Morvan. =============================================== -----Original Message----- From: Morvan [mailto:mmuller@xxxxxxxxxxxxxxxx] Sent: Thursday, November 06, 2003 8:57 AM To: [ISAserver.org Discussion List] Subject: [isalist] destination sets question http://www.ISAserver.org I have configured destinations sets for ex: deny-sites = (*.yahoo.com, yahoo.com) and have a content rule: action=deny destination="deny-sites" aplly-to="everyone" With this I deny the whole yahoo site. But my intention is deny the whole yahoo site, except some destination like: br.groups.yahoo.com/* (and other 2 yahoo subdomains) How can I do it with ISA? Thanks,