I see. Regarding my second question: why does line ‘ http_access deny facebook ’ has to be placed below line ‘ http_access allow localhost ’? If am not mistaken the relevant video indicates that deny lines should be placed before allow lines in order to be evaluated first regarding ACL rules. Can you please explain?
Squid works by finding the first matching ACL rule that it encounters (from top to bottom) and uses the specified action (allow/deny) and then no other ACLs are tested, so squid will deny access to Facebook and then allow access to localhost and apply other rules in order,
but if you have an ACL rule that allows access to Facebook before the mentioned rule http_access deny facebook, it will be matched and the search terminates as soon as one of the rules is a match