I agree with what was suggested earlier today; the 302: should help.
> It seems that the acl is sending them to the index.html with any
> request, rather than allowing them access to anything within the
> defined host.domain.com host defined in the local/domains file.
It becomes a lot easier to debug when you add a log statement to your
acl. You will then have a log entry for every redirected url:
> acl {
> default {
> pass local none
> redirect http://host.domain.com/proxy_config_page/index.html
--->> log blocked.log
> }
> }
You may have posted a partial squidGuard.conf, but I'd make sure that
you have a dbhome and a logdir statement in your config file.
> This works to the point that the users are redirected to the
> appropriate web page, but they cannot go to the subpages, nor can
> they call up any graphics or associated files form the page.
'host.domain.com' should be giving you access to '*.host.domain.com/*'
Is everything referred to in the html contained within those
limitations?
Regardless, your goal is to get the job done, right? In that
situation I might pull the urls out of the source html, sort them,
and specifically allow those directories by listing them in
a local/urls file (remember, no trailing slash).
Rick
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Fred Clark
> Sent: Tuesday, March 18, 2003 2:39 PM
> To: [EMAIL PROTECTED]
> Subject: squidGuard ACL configuration question
>
>
> We are attempting to de-commission our squid forwarding proxy from our
> cluster environment, and to this end are attempting to use squidGuard to
> redirect the users to a web site with links to instructions for various
> browsers, as well as a script to auto configure our locked down user's
> proxy settings. To this end we created the following entries in our
> squidguard.conf - note that I have replaced host names with "host.domain"
> for obvious reasons...
>
> dest local {
> domainlist local/domains
> }
>
> acl {
> default {
> pass local none
> redirect http://host.domain.com/proxy_config_page/index.html
> }
> }
>
>
> file /usr/local/squidGuard/db/local/domains contains this one line:
>
> host.domain.com
>
> This works to the point that the users are redirected to the appropriate
> web page, but they cannot go to the subpages, nor can they call up any
> graphics or associated files form the page. It seems that the acl is
> sending them to the index.html with any request, rather than allowing them
> access to anything within the defined host.domain.com host defined in the
> local/domains file.
>
> Is there a tidy way to allow full access to this host/directory via this
> method, or is there a wildcard we can set so they will have access to all
> files within that web directory?
>
> Thanks in advance for any ideas on this
>
> Fred Clark
> Internet Technologies
> Unilever GIO NA
>
>
