> OK - So ho do I do that? > When I run squid on its own (on machine 192.168.123.101) and a user on (say) > machine 192.168.123.103 accesses a blocked site, squid pops up a message > which is (physically) held in a file on m/c 192.168/123.101/usr/share/errors/ERR_Somemessage > - so squid *can* access the local drive on 192.168.123.101.
> SquidGuard - running on the same machine together with the same instance of squid - can't > access the same file - nor can it run the cgi file in /var/www/cgi-bin. > I guess my question boils down to - why can't squidGuard use the same redirect file as squid? > I know that my dumb questions must be frustrating for you guys - but not half as frustrating > as it is for me being so close to a solution yet so far. The short answer is squid's redirector interface doesn't work that way. AFAIK there isn't anyway for a redirector to inform squid to return one of its error messages. Perhaps it could be done, but isn't really neccesary. Squid/squidguard is not a web server so they definatly wouldn't be able to access or run a CGI. Changing them to do that would greatly increase how complex they would need to be. With complexness you always get more bugs and a greature chance for security issues. I would suggest that you simply run a small web server on your squid+squidguard host. I run copy of webfs ( a small http server for static files only ) on my squid+squidguard host bound to port 9000. Squidguard is set to redirect to the server on 127.0.0.1:9000. If you wanted to run the CGI you would need something a little smarter then webfs though. Oh, as some of the previous people mentioned you would definatly want to setup an acl in squid+squidguard to allow all ruquests to 127.0.0.1:9000, or whatever the URL is for your redirection. Chris
