Re: Support for cern like Pass/Fail proxy limits?

From: Russell Street <>
Date: Tue, 26 Nov 1996 09:42:23 +1300 (NZDT)


We did the same sort of thing here (CERN to Harvest to Squid)

> I can't seem to see any way to restrict or redirect URL's similar to Cern's
> Pass and Fail commands. Does someone have a plug in module that creates
> this functionality (and uses the exact same syntax as Cern :)? Possibly
> working with the URL Redirector in 1.1.beta23.

We use a Perl script as a redirector to implement our access policy:

- The only machines can use the proxy server are those inside our
network. (This is done by ACLs in squid.conf)

- Anyone inside our network can access any URL inside our network,
plus select few outside

- To be able to get to the world at large the IP address need to be
explicitly allowed out

The redirector reads two files

        - one of URLs that anyone can connect to
        - one of IP addresses that can access any URL

If the request is allowed, the redirector returns an empty line. If
it denied, the redirector returns a URL that runs a CGI script that
explains in words of one syllable why they have been denied.

The script(s) is available to anyone who wants it on request.

Received on Mon Nov 25 1996 - 12:42:52 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:38 MST