[squid-users] Portal Splash Pages example on squid 3.3.13

Amos Jeffries squid3 at treenet.co.nz
Mon Feb 9 22:13:33 UTC 2015 

On 10/02/2015 6:07 a.m., amitinfo2k wrote:
> Hi,
> 
> I am a newbie to squid proxy world.
> I have setup the squid proxy with default configuration on Fedora 19 box.
> Now I wanted to configure the Spash pages. But, not able to find a single
> working example for squid 3.3.13.
> Can anyone provide me an example configuration for Spash pages in squid
> 3.3.2.

Sessions and splash pages operate the same for all Squid versions.
 http://wiki.squid-cache.org/ConfigExamples/Portal/Splash

The only reason it mentions versino numbers at all is that there was a
new HTTP/1.1 status code added in 3.2.

It seems the config got a bit corrupted. I've fixed that now.


Some edits in line below:


> 
> I have tried the following modified example but no luck no errors in the
> logs :
> 
> # Set up the session helper in active mode. Mind the wrap - this is one
> line:
> external_acl_type session ipv4 concurrency=100 ttl=3 %SRC
> /usr/lib64/squid/ext_session_acl -a -T 60 -b /var/lib/squid/session/
> 
> # Pass the LOGIN command to the session helper with this ACL
> acl session_login external session LOGIN
> 

Delete ...

> # Set up the normal session helper. Mind the wrap - this is one line:
> external_acl_type session_active_def ipv4 concurrency=100 ttl=3 %SRC
> /usr/lib64/squid/ext_session_acl -a -T 60 -b /var/lib/squid/session/
> 

... to here.


> # Normal session ACL as per simple example
> acl session_is_active external session_active_def

Replace with:
  acl session_is_active external session

> 
> # ACL to match URL
> acl clicked_login_url url_regex -i http://example.net


Replace with:
  acl clicked_login_url url_regex -i ^http://example.net/$

> 
> # First check for the login URL. If present, login session
> http_access allow clicked_login_url session_login
> 
> # If we get here, URL not present, so renew session or deny request.
> http_access deny !session_is_active
> 
> # Deny page to display
> deny_info http://example.net session_is_active

Replace with:
 deny_info 511:http://example.net/ session_is_active

Notice that the URL has to be a full valid URL. Your squid version is
*not* checking it before embedding into the outgoing headers.


Amos

More information about the squid-users mailing list