Dave Coventry wrote:
> Hi Henrik,
>
> On Fri, Mar 28, 2008 at 2:29 AM, Henrik Nordstrom wrote:
>> http://www.squid-cache.org/Versions/v2/2.6/cfgman/deny_info.html
>
> Thank you. I'm not sure I understand it, though. Do you need to set
> %s? How do you use it?
>
>> > I've tried:
>> >
>> > deny_info "302:http://192.168.60.254/login.html" lan
>>
>> Should be
>>
>> deny_info http://192.168.60.254/login.html lan
>
> Yes, I've also tried that.
>
> This is what I've currently got:
> --
> external_acl_type ipauth ttl=5 negative_ttl=5 %SRC
> /usr/local/squid/libexec/checkip
> acl lan external ipauth
> http_access allow lan
>
> deny_info http://192.168.60.254/login.html lan
> --
>
> However, redirection does not take place and I'm served the Standard
> error page in ERR_ACCESS_DENIED.
Because the ACL to which you have attached the deny_info is only doing
an allow. You need to use it to actually deny before the deny_info will
work.
Try:
http_access deny !lan
>
> In an attempt to find a kludge for what I'm trying to do, I used
> url_rewrite_program to redirect to my login page. The interesting
> thing here is that if I redirect as follows:
> --
> print "302:http://192.168.60.254/cgi-bin/auth.cgi\n"
> --
> Then I get an error message which says "Error the requested URL could
> not be retrieved." as the root has been removed from the path.
> (see http://davec.uklinux.net/Squid3.0-HEAD.jpg )
>
> But, if I put a slash in front of the redirection URL:
> --
> print "302:/http://192.168.60.254\n"
> --
> then Squid attempts to redirect me to the originally requested URL
> with /http://192.168.60.254/ appended.
> (see http://davec.uklinux.net/Redirectionerror.jpg )
>
> Regards and thanks for your time :)
>
> Dave
Amos
-- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.Received on Fri Mar 28 2008 - 08:26:53 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:05 MDT
