I can't make sense of the deny_info description...
# This can be used to return a HTTP redirect for requests which
# do not pass the 'http_access' rules. A single ACL will cause
# the http_access check to fail. If a 'deny_info' line exists
# for that ACL then Squid returns a redirect to the given URL.
As I understand it, a request is refused on the basis of an
http_access *rule*, which consists of a boolean expression made up of
ACLs.
The rule and its acls...
acl cranfield src 138.250.0.0/255.255.0.0
acl rmcs src 193.63.247.0/255.255.255.0
acl hypernews urlpath_regex ^/hypernews
http_access deny hypernews !cranfield !rmcs
This denies access to /hypernews* for non-local users: but how do I
define the deny_info line for "that ACL"? This doesn't seem to have an
effect...
deny_info http://www.cranfield.ac.uk/forbidden-hypernews.html hypernews
!cranfield !rmcs
What am I doing wrong (or is this line theoretically right).
As a matter of personal taste, I'd prefer the http_access arguments to
consist of exactly one ACL and an error message, combined with the
ability to define ACLs as Boolean expressions of other ACLs. There
would a default pseudo-acl to catch all the unspecified conditions.
Ideally, I'd like to generate a real error message (code 400) as
opposed to a location header, as this runs the risk that an "error
message" specified as a Location header can become cached as
apparently real data.
Peter Lister Email: p.lister@cranfield.ac.uk
Computer Centre, Cranfield University Voice: +44 1234 754200 ext 2828
Cranfield, Bedfordshire MK43 0AL UK Fax: +44 1234 751814
------------------------------------------------------------------------
(1) "Yes" (2) "No" (3) "That would be an ecumenical matter"
------------------------------------------------------------------------
Received on Fri Jan 03 1997 - 08:09:10 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:59 MST