[SQU] deny_info and acl parsing

From: Robin Stevens <robin.stevens@dont-contact.us>
Date: Wed, 21 Feb 2001 18:26:20 +0000

I'm attempting to customise the error response given on attempts to make
use CONNECT with invalid SSL ports as follows (under 2.3 STABLE 4):

        acl SSL_ports port 443 563
        acl CONNECT method CONNECT

        http_access deny CONNECT !SSL_ports
        deny_info ERR_SSL_PORT_DENIED CONNECT !SSL_ports

However a failure merely produces the default ERR_ACCESS_DENIED response.
Is there a way round this?

The comments in the default config file suggest that only a single ACL is
valid on the deny_info line, but don't make it entirely clear:

# TAG: deny_info
# Usage: deny_info err_page_name acl
# Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys
#
# This can be used to return a ERR_ page for requests which
# do not pass the 'http_access' rules. A single ACL will cause
# the http_access check to fail. If a 'deny_info' line exists
# for that ACL then Squid returns a corresponding error page.

Thanks,
        Robin

-- 
--------------- Robin Stevens  <robin.stevens@oucs.ox.ac.uk> -----------------
Oxford University Computing Services  http://www-astro.physics.ox.ac.uk/~rejs/
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Wed Feb 21 2001 - 11:31:43 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:06 MST