Using Debian platform with 2.6.STABLE14, and am following the config example found at http://wiki.squid-cache.org/ConfigExamples/Portal/Splash I cannot seem to make this work. The config example says... Paste the configuration file like this: # mind the wrap. this is one line: external_acl_type session ttl=60 %SRC /usr/local/sbin/squid/squid_session -t 7200 -b /etc/squid/session.db acl new_users external session deny_info http://example.com/splash.html new_users http_access deny !new_users For the Debian package I had to modify the path to squid_session, else squid would not start. No big deal. Correct path for my system was: /usr/lib/squid/squid_session I also changed the deny_info target to a valid splash page on an accessible server. I made sure that the splash page can be loaded by any client if accessed directly. ...the config example then goes on to say... "This is just the snippet of config which causes the splash page and session to be enacted. Rules which permit the visitor use of the proxy are expected to be placed as appropriate below them. The basic default safety nets should as always be above them." This seems a bit ambiguous for people who are new to squid (like me). I have tried pasting the block of code in various places in my config file, and it seems no matter where I put it, I get the same result from IE: "The page cannot not displayed, Diagnose Connection Problems". Squid and AUTH works perfectly otherwise. Ideally, I want a splash page that displays our AUP, and has a form for username and password. Upon entering a valid username and password, acceptance of the AUP id confirmed and access to the proxy is granted. TIA! Jim My squid.conf follows: #----- SQUID 2.6.STABLE14 -----# http_port 3128 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache access_log /var/log/squid/access.log common hosts_file /etc/hosts auth_param basic program /usr/lib/squid/nds_auth auth_param basic children 5 auth_param basic realm Enter your NOVELL name and password auth_param basic casesensitive off auth_param basic blankpassword off auth_param basic credentialsttl 8 hour refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl auth proxy_auth REQUIRED #splash external_acl_type session ttl=60 %SRC /usr/lib/squid/squid_session -t 7200 -b /etc/squid/session.db acl new_users external session deny_info http://proxy.efa.lan/aup.php new_users http_access deny !new_users http_access allow auth http_access deny all acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl SSL_ports port 563 acl SSL_ports port 873 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl Safe_ports port 631 acl Safe_ports port 873 acl Safe_ports port 901 acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all icp_access allow all visible_hostname squid.efa.org header_access Accept-Encoding deny all coredump_dir /var/spool/squid extension_methods REPORT MERGE MKACTIVITY CHECKO
