[squid-users] deny_info Question

From: Brad Taylor <btaylor@dont-contact.us>
Date: Tue, 15 May 2007 17:59:33 -0400

I'm using Squid 2.6 STABLE6 the deny_info function in the below config
worked in Squid 2.4 but is not working in 2.6 STABLE6. I get this error
message when going to http://192.168.60.19 (the squid server):

The following error was encountered:

Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:

Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
Your cache administrator is root.

------------------------------------------------------------------------
--------

Generated Tue, 15 May 2007 21:52:57 GMT by qa3 (squid/2.6.STABLE6)

I want to be redirected to https://qa3/ if coming from port 80.

My config:

http_port 80
https_port 443 cert=/etc/squid/autotask.net-11-07.pem
key=/etc/squid/autotask.net_key-11-07.pem options=NO_SSLv2
cipher=DEFAULT:!EXPORT:!LOW defaultsite=qa3
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl JS url_regex .js$
no_cache deny JS
acl CSS url_regex .css$
no_cache deny CSS
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
refresh_pattern -i \.jpg$ 0 100% 10080
refresh_pattern -i \.gif$ 0 100% 10080
refresh_pattern -i \.png$ 0 100% 10080
refresh_pattern -i \.bmp$ 0 100% 10080
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl CONNECT method CONNECT
acl port80 myport 80
acl port443 port 443
acl port563 port 563
acl TheOriginServer dst 192.168.60.40
#Recommended minimum configuration:
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
http_access allow port563
http_access allow port443
http_access deny port80
http_access allow TheOriginServer
http_access deny all
http_reply_access allow all
icp_access allow all
cache_peer 192.168.60.40 parent 80 0 no-query originserver
#2.4 Squid config next 4 lines
#httpd_accel_host 192.168.60.40
#httpd_accel_port 80
#httpd_accel_single_host on
#httpd_accle_with_proxy off
deny_info https://qa3/ port80
coredump_dir /var/spool/squid
visible_hostname qa3
logfile_rotate 9
negative_ttl 0 minutes
Received on Tue May 15 2007 - 16:00:31 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT