Dodd Graham Civ UCSS/SCBS wrote:
> Many thanks to all who emailed me about redirectors, squid is now in a
> test phase before we start blocking.
>
> Q1. Can I specify certain IP addresses that can access banned sites,
> while most users are limited. No the sys admins are NOT perverts!!
> We're trying to limit users who download software from unauthorized
> sources (like Microsoft) before it's been tested and approved, which is
> part of my job.
Yes. The line of data that is passed to the redirector looks like this:
http://www.gamespot.com/ 203.4.148.34/- - GET
As you can see, the second field is the source-ip. (203.4.148.34, which was
me). You can therefore do clever access control.
> Q2. Banned access gets redirected to another Linux box running httpd to
> pull up our custom page, but when the web server had a network problem
> then squid allowed access to the banned URL's, is this correct?
No...if the redirector is returning a URL, that should be the URL that is
loaded, hell or high-water...Unless there's something going on that I'm not
aware of (possible). Maybe it was a cache-hit? (said dubiously)
D
-- Note to evil sorcerers and mad scientists: don't ever, ever summon powerful demons or rip holes in the fabric of space and time. It's never a good idea. ICQ UIN: 3225440Received on Thu Dec 11 1997 - 07:44:16 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:55 MST