Dave Coventry wrote:
Hi Henrik,
On Fri, Mar 28, 2008 at 2:29 AM, Henrik Nordstrom wrote:
http://www.squid-cache.org/Versions/v2/2.6/cfgman/deny_info.html
Thank you. I'm not sure I understand it, though. Do you need to set
%s? How do you use it?
> I've tried:
>
> deny_info "302:http://192.168.60.254/login.html"; lan
Should be
deny_info http://192.168.60.254/login.html lan
Yes, I've also tried that.
This is what I've currently got:
--
external_acl_type ipauth ttl=5 negative_ttl=5 %SRC
/usr/local/squid/libexec/checkip
acl lan external ipauth
http_access allow lan
deny_info http://192.168.60.254/login.html lan
--
However, redirection does not take place and I'm served the Standard
error page in ERR_ACCESS_DENIED.
Because the ACL to which you have attached the deny_info is only doing
an allow. You need to use it to actually deny before the deny_info will
work.
Try:
http_access deny !lan
In an attempt to find a kludge for what I'm trying to do, I used
url_rewrite_program to redirect to my login page. The interesting
thing here is that if I redirect as follows:
--
print "302:http://192.168.60.254/cgi-bin/auth.cgi\n";
--
Then I get an error message which says "Error the requested URL could
not be retrieved." as the root has been removed from the path.
(see http://davec.uklinux.net/Squid3.0-HEAD.jpg )
But, if I put a slash in front of the redirection URL:
--
print "302:/http://192.168.60.254\n";
--
then Squid attempts to redirect me to the originally requested URL
with /http://192.168.60.254/ appended.
(see http://davec.uklinux.net/Redirectionerror.jpg )
Regards and thanks for your time :)
Dave
Amos
--
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.
