Re: [squid-users] external_acl_type

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Mon, 19 Apr 2010 01:14:23 +0000

On Sun, 18 Apr 2010 22:17:57 +0200, ml ml <mliebherr99_at_googlemail.com>
wrote:
> Hello List,
>
> i am using LDAP to verify SRC-IP and Destination URL. Weather its
> allowed or not. Here is my config:
>
> external_acl_type ldap_surfer negative_ttl=2 ttl=2 %DST %SRC
> /etc/scripts/ldap_default_allow.pl
> acl users external ldap_surfer
> http_access deny users
>
>
> Howevery, whatever my ldap_default_allow.pl script returns (ERR or
> OK), the access is always denied ( i guess due: http_access deny
> users).
>
> How does my config have to look like, in order to deny/allow access by
> using my return values from the helper script?

When the script matches (returns OK) the request is blocked by http_access
deny users".
When the script returns "ERR" something else happens.

NP: there is no way for any of us here to tell you what might happen in
the config lines we can't see. Or to even start suggesting alterations
without knowing what else could break.

Amos
Received on Mon Apr 19 2010 - 01:14:28 MDT

This archive was generated by hypermail 2.2.0 : Mon Apr 19 2010 - 12:00:05 MDT