Thanks Amos, this works perfectly. So cache_peer_access can block the request from even touching the peer where as http_reply_access would block it after it's been processed by the peer. Makes sence. Cheers! -- Paul Ch sima_yi@xxxxxxxxxxxxx On Fri, Dec 14, 2012, at 04:57 AM, Amos Jeffries wrote: > On 14/12/2012 5:41 p.m., Paul Ch wrote: > > Hi, > > > > I am running a squid 3.2.1 server as a reverse proxy. I have several > > Microsoft Windows IIS servers as cache_peers. > > > > I am trying to setup a custom error page for various HTTP_STATUS codes > > such as 404 and 500. This is a relevant extract from my squid.conf > > file: > > > > #squid config extract# > > > > acl denied_status http_status 400-404 500 502 503 > > > > #Production JC > > cache_peer api.mydomain.com parent 443 0 no-query originserver ssl > > sslversion=3 sslflags=DONT_VERIFY_PEER front-end-https=on name=jc > > login=PASSTHRU > > acl sites_jc dstdomain api.mydomain.com > > cache_peer_access jc deny sites_jc denied_status > > cache_peer_access jc allow sites_jc serviceHours1 > > acl http proto http > > acl https proto https > > > > #EOF# > > > > If I try to access api.mydomain.com/nonexistant, I still see the IIS 404 > > error page rather than the access denied squid error. > > > > Any ideas? > > cache_peer_access determines whether teh request s allowed to be > serviced by the peer. > > How do you expect the future result form the peer to be used to > determine whether to fetch it there? > > Use http_reply_access instead. > > Amos -- http://www.fastmail.fm - A fast, anti-spam email service.
