Dave Coventry wrote:
Hi Amos,
On Fri, Mar 28, 2008 at 4:26 PM, Amos Jeffries wrote:
Because the ACL to which you have attached the deny_info is only doing
an allow. You need to use it to actually deny before the deny_info will
work.
Try:
http_access deny !lan
Okay, I'll give it ago. Is that instead of "http_access allow lan"?
It's a shame I didn't get this until after I'd left work; I'll have to
wait until Monday, I guess.
After IMO. The allow will just let the K people through, a following
deny will block the rest with your denial page.
> url_rewrite_program to redirect to my login page. The interesting
> thing here is that if I redirect as follows:
> --
> print "302:http://192.168.60.254/cgi-bin/auth.cgi\n";
> --
> Then I get an error message which says "Error the requested URL could
> not be retrieved." as the root has been removed from the path.
> (see http://davec.uklinux.net/Squid3.0-HEAD.jpg )
>
> But, if I put a slash in front of the redirection URL:
> --
> print "302:/http://192.168.60.254\n";
> --
> then Squid attempts to redirect me to the originally requested URL
> with /http://192.168.60.254/ appended.
> (see http://davec.uklinux.net/Redirectionerror.jpg )
Do you have any idea what's happening as regards the
"url_rewrite_program" directive?
I think there may be something funky happening with raw-IP hostnames in
squid 2.x. It may disappear if you use a FQDN in the deny_info.
I just know I had to do a re-work in 3-HEAD to get it to handle IPv6
correctly in all use-cases where it should have been a simple drop-in.
Amos
--
Please use Squid 2.6STABLE19 or 3.0STABLE2
