acl: dstdomain and dst

From: Jayme Cox <[email protected]>
Date: Thu, 5 Jun 1997 16:09:01 -0700 (PDT)

Hi,
        I have a squid server running as a proxy server which is the only
object allowed to talk to the outside world. We have several Web machines
inside our firewall which the squid server is NOT allowed to talk to. We
have a proxy.pac file which makes browsers go DIRECT to those internal Web
servers. However, every once in a while someone forgets to configure their
browser correctly and tries to go through the squid server to get to a
local web machine.
        I am trying to give an error message to those users to let them
know they need to configure their browsers correctly. This is the setup I
have now (only it doesn't work as expected):

acl badbrowser dstdomain LOCAL.com !squid.LOCAL.com
acl badurl url_regex ^http://*.LOCAL.com !^http://squid.LOCAL.com

http_access deny badbrowser
http_access deny badurl

deny_info http://squid.LOCAL.com:8080/heystupid.html badbrowser
deny_info http://squid.LOCAL.com:8080/heystupid.html badurl

Now, I have a web server running on squid.LOCAL.com:8080 which has a page
I'd like the user to get when they try something naughty. However, it
gives the same Access Denied message no matter what. Am I doing something
realy wrong?

Thanks,
                                        --Jayme
Received on Thu Jun 05 1997 - 16:11:03 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:28 MST