On Wed, Feb 01, 2006 at 05:39:52AM -0600, David P.C. Wollmann wrote: > > It looks like host(1) fetched the right answer from /etc/hosts and then > queried two DNS servers, which probably should have given the same > answer, but didn't. Generally, as long as /etc/hosts gives the right > answer you won't be asking the DNS servers for the information.
Thanks. Given that there is only one line in my /etc/hosts file why would it be looking for two other DNS servers? Where would I find the information to tell me what's leading it astray? > > The reason I asked for this information is that you specified a > squidGuard redirect to an httpd listening on localhost, but the error > squid gave you referred to a URI with a LAN address. Try having your > httpd listen on the LAN address as well as localhost and see if that > makes a difference. > Ermmm.. How do I do that? (Sorry to be so lame). Having played around with things a bit now I realise that I was working under a misaprehension. Let me ask the question this way... Does squidGuard *have* to use the "Redirect http://whetever.com/cgi-bin/squidGuard.cgi+etc...."; directive when it blocks a site? When I use squid on its own without squidGuard - with some simple acl rules set up - squid quite successfully blocks access to those sites and puts up a screen with an "access denied" message. Those messages are simple files held in the "errors" directory. In my naivity I assumed that once squidGuard was in charge it would block a site and pass the instruction to squid which would put up its "access denied" message. It doesn't seem to work this way however. Only when I have the "Redirect http://.....squidGuard.cg1....etc.."; does it actually block the site, but the screen shows a "Connection Failed" error message. In other words it can't process the squidGuard.cgi script. I have tried both : http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u and http://192.168.123.101/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u as the redirect addresses. I thought then that I would point the Redirect line to the file that squid uses in the "errors" directory - or create my own - e.g. Redirect file:///192.168.123.101/path_to_file/Bad_Boy_Site_Blocked.html but that simply doesn't work. If however I point it to an external site - e.g. Redirect http://www.google.com then any banned site is correctly bounced to google - so I am now confident that squidguard is working as it should. So it seems that my only real problem is being able to redirect to a cgi script or file on my own computer which at the moment is failing with a "connection refused" error. Will your above suggestion enable that? Thanks for your help Mark
pgpOhmB82LgWZ.pgp
Description: PGP signature
