On 20/05/17 04:22, Dijxie wrote:
W dniu 19.05.2017 o 17:16, Amos Jeffries pisze:
On 20/05/17 02:55, Dijxie wrote:
W dniu 19.05.2017 o 15:13, Amos Jeffries pisze:
On 20/05/17 00:44, Dijxie wrote:
Hi list,
1. I'd like to redirect **all** squid error pages to one,
universal, preferably internal squid error page. For sure I can
symlink every error page to one, but is there a clener way?
I'm not sure if I get it:
http://www.squid-cache.org/Doc/config/deny_info/
deny_info is to provide some non-default response payload (aka.
"page") instead of the 403 when an ACL performs administrative
denial of access.
As to your purpose; What is this universal message that conveys all
possible environmental conditions to the reader in one simple text?
Keep in mind that the reader may not be human; some errors are
explanations of indirect problems and only visible when the
accompanying machine instructions reach a failure (eg 30x, 401, 407
messages); and some are not errors at all but instructions for a
user on what they need to do to continue with communication (eg 511
login pages).
2. And then, using %e code and presumably external js nested in
this page, display more detailed info for some error numbers.
Can it be done? Can squid internal web server handle easy js?
Squid is not a web server. On "error" it produces message payloads
which happen to contain HTML by default. Modern HTML can contain
embedded scripts, but they are not interpreted by Squid as anything
beyond opaque characters.
If you redirect all errors to one URL any information the client
might have had about the error is destroyed.
The symlinking you though of is the "best" way to do what you are
asking for. However, think carefully about what the purpose of
displaying an error message is, see above.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
The purpose is to provide unified, debug info for 1st line of
support. End users in my corpo are not best IT trained people in the
world and they tend to open tickets for any reason, usually pasting
printscreen into ticket.
Simple debug info like: IP, user name, client name, cache name in
short list would help service desk to divide "moronic" tickets from
important ones, and as for default squid info pages... user do not
read them anyway. I do not want to remove error codes, I just want
to remove content of most error pages and replace it with unified
message that also contains raw error code (%e, %E) and add some more
information if %e will be nxdomain or access denied for example.
Unfortunately, I'm far from VPN right now, so I cannot show you the
sample "unified" error page I've commited till now.
But indeed, you have striked the home; cache users are both human
and machine$ AD accounts, I must reconsider that. Perhaps parsing
all error pages with sed ie and adding few lines will be easer and
more convenient, anyway.
I know that squid is not web serwer, but error page is html; I
assume it can contains iframe served from external web server and
this will be rendered by client's browser, not squid? My idea was:
- js nested in squid error page looks for error code
- then redirects nested iframe to specific URL hosted on external
httpd depending on error code. If error code is unimportant for
human (user can do nothing with that anyway), iframe stays blank.
- human client has has his explenation like "this is your error, do
not open ticket please, check your URL again" for nxdomain.
We are talking about ~2K users and 3-4 cache servers. I must take
comfort of first line support into concideration, they are quite
heavy-loaded already.
I'm not feeling comfortable with this idea, but I also have a
feeling that it might be necessity.
I think a better approach may be a link they can click on that
automatically reports the details for them. Some of our errors
already include a mailto web link to contact the administrator that
embeds the error details in subject etc as an example. But you can go
a bit further with a jQuery script that pulls IP etc and POSTs them
to a support database API.
You can also reduce a bit of the work editing files by pointing
error_directory in squid.conf to a directory with your altered
templates. That will save your changes from being overwritten when
the OS packaged ones update.
It would be yet another explanatory link they don't ever click,
unfortunately. But yes, I know it would be a better approach. This is
an organizational and 'political' issue and me myself can do nothing
about it.
For some maybe, if it is a major problem then make it an auto-fetch
jQuery instead so they dont need to click at all, the report "just
happens". That will also filter a lot of the machine-specific occurances
out.
malto: is alredy removed - they cannot open tickets this way and we do
not want to be flooded by emails like that.
That was my pimal idea: simle database/array that contains some
criteria like:
if %e is bad gateway and %I=10.10.10.69 and %i=10.22.0.0/16 then
iframe says: "we alredy told you 10000 times that you shall not try to
access %H server from %i network". Then I could give user info
database's managment to the people in service desk so they can change
info depending on the buisiness circumstances - without
reconfiguration of all squids (that should be identical because of LB
and FO) and harrasing my department of course :)
If they (end users) open a ticket in circumstances they were precisely
instructed not to do so, they (their company) are extra charged. If
they open a ticket because they do not know what to do, service desk
folks have to do unnecessary work for nothing. And common practice is
everybody forgets to inform users and service desk about changes or
3rd party supporting companies change something on their machines
causing huge mess and 2300 identical tickets within an hour; I'm just
trying to provide kind of dynamic, easy managed and functional error
page that can provide basic explenation for end users if needed.
So: js/jq + external iframe in error page(s) is something that does
not violate standards? Let's not talk about common sense here ;)
Anything that is accepted by browsers in an HTML document for
client-side interpretation can be used. That includes references to
sub-resources.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users