Re: [squid-users] deny_info

From: Carlos Manuel Trepeu Pupo <charlie.mtp_at_gmail.com>
Date: Mon, 9 May 2011 23:24:50 -0400

2011/5/9 Amos Jeffries <squid3_at_treenet.co.nz>:
> On Mon, 9 May 2011 13:07:50 -0400, Carlos Manuel Trepeu Pupo wrote:
>>
>> Hi, I'm now using deny_info to personalize the error pages. I have
>> installed Squid 3.0 STABLE1 (I know it's an old version). Here is an
>
> So why for the sake of 6 *major* security vulnerabilities did you do that?
> http://www.squid-cache.org/Advisories

I'm making test for all the new thing I will implement, so, when all
work fine I'll make the change !!!
>
>> example of my squid.conf:
>>
>> acl ext url_regex -i \.exe$
>> acl ip src 192.168.10.10
>> acl max maxconn 1
>> http_access deny ip ext max
>> # I already create the page in the directory's errors pages.
>> deny_info ERR_EXT_PAGE max
>> http_access allow !maxconn
>>
>> The problem is that the page that show me it the default of denied and
>> not the mine. What's wrong and how could I fixed ?
>
> Are you sure its being denied by "deny ip ext max"?

yes that's the unique http_access that work with this acl.

I make a few test and this is the result:

#THIS NOT WORK
acl ext url_regex -i \.exe$
acl ip src 192.168.10.10
acl max maxconn 1
http_access deny ip ext max
# I already create the page in the directory's errors pages.
deny_info ERR_EXT_PAGE max
http_access allow !max

#THIS WORK
acl ext url_regex -i \.exe$
acl ip src 192.168.10.10
acl max maxconn 1
http_access deny max
# I already create the page in the directory's errors pages.
deny_info ERR_EXT_PAGE max
http_access allow !max

The difference it's that the "http_access deny" only have an argument
my ACL, but if I combine it, then do not show me the PAGE that I
created. There any way to solve that?

>
> Amos
>
Received on Tue May 10 2011 - 03:24:58 MDT

This archive was generated by hypermail 2.2.0 : Tue May 10 2011 - 12:00:02 MDT