Bad redirection address



  • On my configuration, when a website is blocked by my blacklist, the redirection to the prohibition message is located at the LAN (192.168.2.1) when it should be on my OPT1 (192.168.3.1). These two networks are compartmentalized so the forbidden message can't be printed. I don't know how to get the redirection done on OPT1.  ???

    Thx



  • No idea what you mean here.

    These two networks are compartmentalized so the forbidden message can't be printed.

    What?

    I don't know how to get the redirection done on OPT1.

    You pick the correct Redirect Mode for your purposes and fill in the details.  Is there some reason you can't use the internal error page?



  • These two networks can't communicate which is normal because I created rules for.

    • LAN (192.168.2.0/24) => no proxy filter (OK)
    • OPT1 (192.168.3.0/24) => proxy filter by blacklist (OK)

    Redirection to show the forbidden message points to https://192.168.2.1/sgerror.php… instead of https://192.168.3.1/sgerror.php...
    And of course the message can't be displayed because these two networks can't communicate.

    On SquidGuard Common ACL, "Proxy Denied Error" is blank, Redirect mode int error page, Redirect info is blank. I don't try to change the forbidden message content but the URL to see it.



  • So add a rule above your LAN block so that OPT1 can talk to 192.168.2.1 on LAN.



  • Is that normal behavior?



  • Is that normal behavior?

    Define 'normal'  ;D

    While you can get Squid to accept request from multiple networks, I suspect it defaults to only one for redirects.  There may be a directive that you could add to the advanced config to change that but I'm not aware of it.  So you're left with finessing your rules to allow access to the int error page.



  • Thank you for your answers :)


Log in to reply