The acl is the last ACL name processed when the request was denied. In
this case SSL_ports (without the !)
In short, the last acl name on the http_access deny line you want the
message to be shown for..
The deny_info directive accepts a number of ACL names (one or more),
which will cause that error page to be shown for all of those ACL names.
-- Henrik Nordstrom Squid hacker Robin Stevens wrote: > > I'm attempting to customise the error response given on attempts to make > use CONNECT with invalid SSL ports as follows (under 2.3 STABLE 4): > > acl SSL_ports port 443 563 > acl CONNECT method CONNECT > > http_access deny CONNECT !SSL_ports > deny_info ERR_SSL_PORT_DENIED CONNECT !SSL_ports > > However a failure merely produces the default ERR_ACCESS_DENIED response. > Is there a way round this? > > The comments in the default config file suggest that only a single ACL is > valid on the deny_info line, but don't make it entirely clear: > > # TAG: deny_info > # Usage: deny_info err_page_name acl > # Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys > # > # This can be used to return a ERR_ page for requests which > # do not pass the 'http_access' rules. A single ACL will cause > # the http_access check to fail. If a 'deny_info' line exists > # for that ACL then Squid returns a corresponding error page. > > Thanks, > Robin > > -- > --------------- Robin Stevens <robin.stevens@oucs.ox.ac.uk> ----------------- > Oxford University Computing Services http://www-astro.physics.ox.ac.uk/~rejs/ > > -- > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Wed Feb 21 2001 - 15:08:41 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:07 MST