Re: [squid-users] problem with deny_info

From: Christoph Haas <email@dont-contact.us>
Date: Mon, 8 May 2006 16:12:22 +0200

(too lazy to tidy up the TOFU)

I believe that your configuration is working. But you are not understanding
the way deny_info works. Re-read my mail.

 Christoph

On Mon, May 08, 2006 at 05:39:14PM +0430, power159 wrote:
> Hi Christ
>
> with my configuration every thing working ok ! i have problem only with
> errors ! :(
>
> Now :
>
> 127.1.10.5 > full access without any problem
> 127.1.10.0 > half access ( only sites that are in urls.txt ) but showing
> standard error !
> 127.0.0.1 > can access to only mysite.com and showing custom error
>
> as u see configuration is working ! but its not showing custom error :(
>
>
>
>
> On Mon, 08 May 2006 17:24:16 +0430, Christoph Haas
> <email@christoph-haas.de> wrote:
>
> >On Mon, May 08, 2006 at 03:30:17PM +0430, power159 wrote:
> >>i am useing this config :
> >>
> >>**************************************************
> >>acl fullaccess src 127.1.10.5/255.255.255.255
> >>acl halfaccess src 127.1.10.0/255.255.255.255
> >>acl noneaccess src 127.0.0.1/255.255.255.255
> >>
> >>acl filter1 url_regex -i "/urls.txt"
> >>acl filter2 url_regex -i mysite.com
> >>
> >>deny_info ERR_HALF_ACCESS filter1
> >>deny_info ERR_NONE_ACCESS filter2
> >>
> >>
> >>http_access allow fullaccess
> >>
> >>http_access allow halfaccess filter1
> >>http_access allow noneaccess filter2
> >>
> >>****************************************************
> >>
> >>now all of this working but deny_info for last line is standard access
> >>denied !
> >>
> >>http_access allow halfaccess filter1 --> showing standard Access denied
> >>http_access allow noneaccess filter2 --> showing custom error
> >>
> >>AND! when i am repacing this 2 line , again last line is howing standard
> >>error !
> >>
> >>http_access allow noneaccess filter2 --> showing standard Access denied
> >>http_access allow halfaccess filter1 --> showing custom error
> >
> >The page defined by "deny_info" will not match here because you "allow"
> >the
> >access. You need to connect it to the ACL that matches when an access is
> >denied. After all... it's not called "allow_info" for a reason. ;)
> >
> >Add the following lines:
> >
> >deny_info ERR_HALF_ACCESS halfaccess
> >deny_info ERR_NONE_ACCESS noneaccess
> >http_access deny halfaccess
> >http_access deny noneaccess
> >http_access deny all
> >
> >Kindly
> > Christoph
> >
>
>
>
> --
> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
Received on Mon May 08 2006 - 08:12:25 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT