Hi Sean,
You cannot have 2 or more ACLs matching the same source.
The first ACL for source 'client' is matched for a PC with
IP address range 10.0.0.0 - 10.0.255.255 and then
the 'pass rule' is used to make a decision on whether
to block or not.
The second ACL for 'client' is never used.
The solution: use a dynamic web page that can both handle
porn and ads, e.g. redirect http://thishost/cgi-bin/blocked.cgi?targetclass=%t
and use a 'blocked.cgi' perl or PHP script to display
the message that you want.
I am the author of ufdbGuard, an alternative for squidGuard
and ufdbGuard contains an example for the blocked.cgi script.
-Marcus
Sean Brown wrote:
> I'm trying to set up SquidGuard here to redirect to different pages for
> different things. For instance, ad blocking shouldn't go to the same
> page that policy violations do.
>
> I have something like the following
>
> dest ads {
> domainlist ads/domains
> url ads/urls
> }
>
> dest porn {
> domainlist porn/domains
> url porn/urls
> }
>
> src client {
> ip 10.0.0.0-10.0.255.255
> }
>
> acl {
> client {
> pass !porn
> redirect http://thishost/porn.html
> }
> client {
> pass !ads
> redirect http://thishost/ads.html
> }
> default {
> pass !in-addr all
> redirect http://thishost/policy.html
> }
> }
>
> Testing squidGuard from the command line, the porn blocking redirects
> correctly, but domains specified in ads do not redirect at all.
>
> Is what I'm trying possible with squidguard or should I be looking at a
> different redirector?
>
> Thanks.
>
>
Received on Fri Jun 19 2009 - 22:35:28 MDT
This archive was generated by hypermail 2.2.0 : Sat Jun 20 2009 - 12:00:03 MDT