> well, two questions remain. > > 1) just curious. does "redirect" mean that 30x is to be returned ?
"redirect http://....."; is interpreted by squid as a 403 redirect. "redirect 301:http://..."; sends the 301 and is interpreted by squid as a 301 redirect. "redirect 302:http://..."; sends the 302 and is interpreted by squid as a 302 redirect. > 2) is it possible to redirect/rewrite the above ad1...adn, and to pass > everything by default. > I want to > a) pass ruleset which I explicitly specified The acl as listed below is: ' pass ok !ad1 !ad2 ... !adn all' and is processed left to right until either access is specifically granted or all possibilities are exhausted. Here's how 'pass ok !ad1 !ad2 ... !adn all' is processed: <ok> - Any url that matches the regexp contained in the destination group ok is explicitly allowed access. Processing ends, and approval is returned. <ad1> - If url matches the regexp in ad1, processing ends and the associated redirect is returned. Processing continues if url does not match the regexp in ad1. <ad2> - If url matches the regexp in ad2, processing ends and the associated redirect is returned. Processing continues if url does not match the regexp in ad2. <adn> - If url matches the regexp in adn, processing ends and the associated redirect is returned. Processing continues if url does not match the regexp in adn. <all> - An approval is returned for all urls that reach this point. (If you replace 'all' with 'none', any urls not explicitly approved in the acl statement will be denied.) > b) redirect/rewrite few rulesets which I also explicitly specified > (I'd rather avoid 30x codes, what is difference of redirect and > rewrite ?) 'redirect' statements are associated with destination groups, and their use is determined by an acl statement. 'rewrite' statements are associated with rewrite groups, and their use is also determined by an acl statement. The rewrite group can rewrite all or part of the url based upon regular expressions. Rewrite groups are completely defined within the squidGuard.conf file; they do not point to a database. It is very possible that your needs would be best served by using rewrite groups instead of the way that I have it written. I can't really be sure without seeing some examples of what you want to do. > c) pass everything which doesn't match any of rulesets > (an example You've given to me doesn't contain any "default", it is Ok > ?) 'pass all' and 'pass none' are explained above. The config file that I sent to you contains only the default acl, because you specifically said that you "don't need any source/time/username filtering". Rick Matthews > > -----Original Message----- > From: ���� ������� [mailto:ilia@;chel.skbkontur.ru] > Sent: Tuesday, November 12, 2002 12:14 AM > To: Rick Matthews > Cc: Squidguard@Squidguard. Org > Subject: RE: migrating from adzap to squidguard > > > Salut, Rick Matthews ! > > On Mon, 11 Nov 2002, Rick Matthews wrote: > > > > Could anybody help me to implement the above logic in squidguard ? > > > > Try this: > > -------------------------- > > logdir /usr/local/squidGuard/log > > dbhome /usr/local/squidGuard/db > > > > dest ok { > > expressionlist ok/expressions > > redirect http://some.local.host/ad.gif > > logfile blocked.log > > } > > > > dest ad1 { > > expressionlist ad1/expressions > > redirect http://some.local.host/ad.gif > > logfile blocked.log > > } > > > > dest ad2 { > > expressionlist ad2/expressions > > redirect http://some.local.host/ad.swf > > logfile blocked.log > > } > > > > dest adn { > > expressionlist adn/expressions > > redirect http://some.local.host/ad.mp3 > > logfile blocked.log > > } > > > > acl { > > default { > > pass ok !ad1 !ad2 ... !adn all > > } > > } > > -------------------------- > > > > I'd like to see the finished product, if you wouldn't mind, and I'd be interested > > in the various regexp, too. (If you'd care to share them with me.) > > the finished product is called "adzap" :) and what I'm trying to implement > is "squidguard running in adzap-compatibility mode" :) > > well, two questions remain. > > 1) just curious. does "redirect" mean that 30x is to be returned ? > > 2) is it possible to redirect/rewrite the above ad1...adn, and to pass > everything by default. > > I want to > > a) pass ruleset which I explicitly specified > > b) redirect/rewrite few rulesets which I also explicitly specified > (I'd rather avoid 30x codes, what is difference of redirect and > rewrite ?) > > c) pass everything which doesn't match any of rulesets > (an example You've given to me doesn't contain any "default", it is Ok > ?) > > > > > Rick Matthews > > > > > > > > > > ���� ������� wrote: > > > > > > I spent about a week reading documentation on squidGuard and decided that > > > I want to migrate to it. However, few questions still remain! > > > > > > adzap works by simply rewriting URLs, which is exactly the thing I want it > > > to do! it's Perl based, that's why I want to use squidguard. > > > > > > when certain URL belongs to PASS ruleset (regexp), that URL remains > > > untouched. > > > > > > when certain URL belongs to AD1 ruleset (again regexp) that URL is > > > replaced with http://some.local.host/ad.gif > > > > > > when certain URL belongs to AD2 ruleset (again regexp) that URL is > > > replaced with http://some.local.host/ad.swf > > > > > > <blah-blah-blah> > > > > > > when certain URL belongs to ADN ruleset (again regexp) that URL is > > > replaced with http://some.local.host/ad.mp3 > > > > > > Could anybody help me to implement the above logic in squidguard ? > > > I don't need any source/time/username filtering, just plain projection of > > > few regular expression rulesets into few local URLs ?? I'm not sure about > > > "302", "301" codes, adzap doesn't return any 30x code, so I don't want > > > squidguard to do that. I want it to do just rewriting thing (as any > > > self-respecting squid redirector is supposed to do :-) > > > > > > Regards, (��������� ���������) > > > Ilia Chipitsine (���� �������) > > > > > > > > > > Regards, (��������� ���������) > Ilia Chipitsine (���� �������) > > > >
