[squid-users] help with squid_session redirection

From: Craig <reswob10@dont-contact.us>
Date: Fri, 28 Dec 2007 14:23:41 -0500

I'm working on setting up squid_session to point users to an acceptable use
policy before they are allowed to surf and I just want to get a sanity check
on my config.

According the man pages (http://linuxreviews.org/man/squid_session/) and
several posts (i.e.
http://www.mail-archive.com/squid-users@squid-cache.org/msg45599.html) found
in this archive...

I should have the following lines in the TAG acl section of squid.conf:

    external_acl_type session ttl=300 negative_ttl=0 children=1
concurrency=200 %LOGIN /usr/lb/squid/squid_session
    acl session external session

(note: /usr/lib/squid/ is the where squid_session was put when squid
installed)

Then in the TAG http_access section, I should have the following:

    http_access deny !session

And finally in the TAG deny_info section, I place the following line:

    deny_info http://your.server/bannerpage?url=%s session

making sure that ?url=%s follows whatever url I put there for my AUP page.

However, the above settings did not force the test web client (configured to
use the proxy) to view the url for the http://your.server/bannerpage page
(currently a static web page to check functionality), so I changed the first
line to be:

    external_acl_type session ttl=300 negative_ttl=0 children=1
concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session -a

(note the -a at the end)
However, that just made the web client load the requested page really slow
without loading the url I for the AUP.

I don't have a database set up, I was just going to let the memory hold the
session details.

Why isn't it redirecting to the AUP? Any suggestions? Am I missing
something obvious?

Thanks.

Craig L. Bowser
Information Assurance Manager
-------------------------------
To lead a symphony You must occasionally turn your back on the crowd. -
Anonymous
Received on Fri Dec 28 2007 - 12:23:47 MST

This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:02 MST