[squid-users] url_rewrite_program and ACLs
Vieri
rentorbuy at yahoo.com
Wed Nov 8 09:21:22 UTC 2017
Hi,
I'm not sure I understand how url_rewrite_program works.
In the example below I'm trying to allow traffic from CLIENT_IP_ADDR to SERVER_DOMAIN_ADDR where CLIENT_IP_ADDR is in the allowed_ips ACL, and SERVER_DOMAIN_ADDR is in the allowed_domains ACL (I know it's redundant, but it's just an example).
http_access allow localnet !restricted_ips allowed_domains
http_access allow localnet !restricted_ips allowed_ips
http_reply_access allow localnet !restricted_ips allowed_ips
http_reply_access allow localnet !restricted_ips allowed_domains
[...]
url_rewrite_program /usr/bin/squidGuard
url_rewrite_children 80 startup=10 idle=3
http_access allow localnet
The problem is that the browser on the CLIENT_IP_ADDR displays the "redirect" page defined in squidGuard when trying to access SERVER_DOMAIN_ADDR.
I could configure the allowed_domains and allowed_ips ACLs within squidGuard itself, but shouldn't the Squid rule prevail anyway?
Is the redirection done regardless of what precedes in squid.conf?
Thanks,
Vieri
More information about the squid-users
mailing list