> On ons, 2007-08-15 at 01:08 +1200, Amos Jeffries wrote:
>> Chris Robertson wrote:
>
>> > The "all" here should be the first acl referenced on the line or it
>> will
>> > prevent your deny_info message from being shown.
>> >
>> > e.g. "http_access deny all maxcon"
>> >
>> >> deny_info ERR_MAXCON maxcon
>> >>
>>
>> That sounds a lot like a bug.
>
> Does it? Squid reads http_access lines left to right..
Um, arg. I must have had my head on backwards yesterday. this is the third
simple logic error you've caught for me.
I was thinking of the LHS ACL matching and stopping to be used by the
deny. Not the AND case in effect where it MUST continue through the rest.
>
> But yes, it can be documented better. The notes in deny_info isn't
> exactl helpful on this subject..
>
> deny_info matches the last acl on the http_access deny line which denied
> access, or if authentication is required to process the request the
> first authentication related acl encountered while processing the
> http_access rules.
One for the history books....
Maybe this should be changed in future so a deny_info can be given a name
(like ALC are named now) but the http(s)_access adds a deny=NAME option
to specify the exact alternative page to be used.
Amos
Received on Tue Aug 14 2007 - 21:15:00 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT