* Amos Jeffries wrote : > Troy Piggins wrote: >> * Amos Jeffries wrote : >>> Troy Piggins wrote: >>>> * Amos Jeffries wrote : >>>>> Troy Piggins wrote: <snip /> >> >> If there's another nameserver after localhost, how does squid >> behave? Take the first or last nameserver entry? >> > > First to respond without failure. It starts with the order you give it > and works through them until one succeeds or all have failed. > > The fact squid is resolving the site, means either your localhost > resolver is failing, or at least not resolving the domain to the fake IP. > >> nameserver 127.0.0.1 >> nameserver www.xxx.yyy.zzz >> search isp.invalid Right, thanks for that. <snip /> >>>> The mvps hosts file looks exactly like /etc/hosts file format. >>> K. In that case the squid.conf option hosts_file should be usable for >>> squid without even needing the localhost resolver >>> http://www.squid-cache.org/Versions/v3/3.0/cfgman/hosts_file.html >> >> Way I read that was if there's only one /etc/hosts file. I have >> a few. The basic /etc/hosts, them supplementary ones like the >> mvps hosts file saved as /etc/hosts.mvps . The entries in that >> get read into dnsmasq by a configuration parameter that points to >> supplementary hosts files. > > Yeah, you can only set one for read at present. Thanks. >> May be easier to compile all into one hosts file. I'll consider >> that. >> >>>>> The simplest way though, is to use a plain dstdomain ACL, >>>>> possibly with the entries in a file for easy management. >>>>> >>>>> You then use the custom ACL helper, http_access, and deny_info >>>>> URL to provide the custom denial webpage for visitors. >>>>> >>>>> http://www.squid-cache.org/Versions/v3/3.0/cfgman/external_acl_type.html >>>>> http://www.squid-cache.org/Versions/v3/3.0/cfgman/http_access.html >>>>> http://www.squid-cache.org/Versions/v3/3.0/cfgman/deny_info.html >>>> Thankyou for those links. I'll look into it. Amos, I must thank you again for your quick and helpful replies. -- Troy Piggins
