I'm working on setting up squid_session to point users to an acceptable use
policy before they are allowed to surf and I just want to get a sanity check
on my config.
According the man pages (http://linuxreviews.org/man/squid_session/) and
several posts (i.e.
http://www.mail-archive.com/squid-users@squid-cache.org/msg45599.html) found
in this archive...
I should have the following lines in the TAG acl section of squid.conf:
external_acl_type session ttl=300 negative_ttl=0 children=1
concurrency=200 %LOGIN /usr/lb/squid/squid_session
acl session external session
(note: /usr/lib/squid/ is the where squid_session was put when squid
installed)
Then in the TAG http_access section, I should have the following:
http_access deny !session
And finally in the TAG deny_info section, I place the following line:
deny_info http://your.server/bannerpage?url=%s session
making sure that ?url=%s follows whatever url I put there for my AUP page.
However, the above settings did not force the test web client (configured to
use the proxy) to view the url for the http://your.server/bannerpage page
(currently a static web page to check functionality), so I changed the first
line to be:
external_acl_type session ttl=300 negative_ttl=0 children=1
concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session -a
(note the -a at the end)
However, that just made the web client load the requested page really slow
without loading the url I for the AUP.
I don't have a database set up, I was just going to let the memory hold the
session details.
Why isn't it redirecting to the AUP? Any suggestions? Am I missing
something obvious?
Thanks.
Craig L. Bowser
Information Assurance Manager
-------------------------------
To lead a symphony You must occasionally turn your back on the crowd. -
Anonymous
Received on Fri Dec 28 2007 - 12:23:47 MST
This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:02 MST