Suppose you want to restrict access to gmail.com and facebook.com via Squid. Using dstdomain directive you can restrict the access to these sites. But make sure that these lines should be at top of the file. The general deny policy is to keep deny lines at top. You should add following lines in /etc/squid/squid.conf file.
.
1. # nano /etc/squid/squid.conf
# systemctl restart squid.service
.
2. Try to browse the site any of the restricted site. You should be able to see following message.
