Hi Sean,
You cannot have 2 or more ACLs matching the same source.
The first ACL for source 'client' is matched for a PC with
IP address range 10.0.0.0 - 10.0.255.255 and then
the 'pass rule' is used to make a decision on whether
to block or not.
The second ACL for 'client' is never used.
The solution: use a dynamic web page that can both handle
porn and ads, e.g. redirect http://thishost/cgi-bin/blocked.cgi?targetclass=%t
and use a 'blocked.cgi' perl or PHP script to display
the message that you want.
I am the author of ufdbGuard, an alternative for squidGuard
and ufdbGuard contains an example for the blocked.cgi script.
-Marcus
Sean Brown wrote:
I'm trying to set up SquidGuard here to redirect to different pages for
different things. For instance, ad blocking shouldn't go to the same
page that policy violations do.
I have something like the following
dest ads {
domainlist ads/domains
url ads/urls
}
dest porn {
domainlist porn/domains
url porn/urls
}
src client {
ip 10.0.0.0-10.0.255.255
}
acl {
client {
pass !porn
redirect http://thishost/porn.html
}
client {
pass !ads
redirect http://thishost/ads.html
}
default {
pass !in-addr all
redirect http://thishost/policy.html
}
}
Testing squidGuard from the command line, the porn blocking redirects
correctly, but domains specified in ads do not redirect at all.
Is what I'm trying possible with squidguard or should I be looking at a
different redirector?
Thanks.
