From: Iain Lea <>
Date: Sun, 23 Feb 1997 10:48:42 +0100

This package implements a 'Redirector' process to use with squid v1.1.x
( to allow Intranet (restricted) or Internet
(full) access with URL deny and redirection for sites that are not deemed
acceptable for a userbase all via a single proxy port.

The package is implemented as 2 Perl5 ( scripts.
The script is installed in the squid bin directory
(ie. /usr/local/squid/bin) and is started by the squid process. The following
2 entries need to be enabled in your squid.conf file:

  redirect_program /usr/local/squid/bin/
  redirect_children 10

The number of children to start depends on your machine/usage profile.
We run 32 children on a SGI Challenge L/4x250Mhz R4400/512MB/20GB that
receives 600-900K requests/day with a loadavg of 0.9-2.5 so YMMV.

Client IP access is controlled via the ACL config file (default:
/usr/local/squid/etc/acl-client.conf) that has the following format:

  <IP/FQDN/Network/DN><whitespace><Permissions 1=Intranet 2=Internet> 1
  110.3. 1 1 2
  192.129.41. 2 2

The priority ordering for matching an ACL is (with fallthru to next):

  IP %AclIP constant lookup time
  FQDN %AclFQDN constant lookup time
  Network @AclNet variable lookup time
  SubDN @AclSubDN variable lookup time

URL denial/redirection is controlled via the ACL URL file (default:
/usr/local/squid/etc/acl-url.conf) that has the following format:

  <URL>[<whitespace><Redirected URL>]

A running squid process needs to be sent a 'kill -[HUP|TERM] squid-pid'
signal to cause a reread of both config files after any changes.

Set the following variables at the top of to suit your site:

  $IntranetURL = "siemens|sni|scn|sbs|sietec|snat|rolm|bosch";
  $DenyURL = "";
  $AclDir = "/usr/local/squid/etc";
  $AclClientFile = "$AclDir/acl-client.conf";
  $AclUrlFile = "$AclDir/acl-url.conf";
  $LogFile = "/var/adm/squid/redirector.log";
  $Logging = 1;
  $Proxy = "";
  $Port = 81;

Note: make sure the $IntranetURL variable is correctly set for your site!

The script should be installed on a WWW server that
allows cgi-bin scripts and has the Perl5 module already installed
Its purpose is too display informative error messages to the user that
accessed a squid proxy running with the script. We run 3
squid's in various locations with a central www server that logs all
denial/redirect messages.

Set the following variables at the top of for your site:

  $DefaultURL = "";
  $SupportURL = "";
  $SupportImg = "";
  $SupportEmail = "support\";
  $SupportMisc = " or FAX +1 911 977 3500";
  $LogFile = "/var/adm/redirector.log";

Available from

Please report all bugs/ideas to me.

Iain Lea   <>   +49 911 978 3120
"We all enter this world in the same way:  naked;  screaming;  soaked 
in blood. But if you live your life right, that kind of thing doesn't 
have to stop there." -- Dana Gould
Received on Sun Feb 23 1997 - 02:18:13 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:31 MST