Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bad redirection address

    Scheduled Pinned Locked Moved Cache/Proxy
    7 Posts 2 Posters 668 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alexssi
      last edited by

      On my configuration, when a website is blocked by my blacklist, the redirection to the prohibition message is located at the LAN (192.168.2.1) when it should be on my OPT1 (192.168.3.1). These two networks are compartmentalized so the forbidden message can't be printed. I don't know how to get the redirection done on OPT1.  ???

      Thx

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        No idea what you mean here.

        These two networks are compartmentalized so the forbidden message can't be printed.

        What?

        I don't know how to get the redirection done on OPT1.

        You pick the correct Redirect Mode for your purposes and fill in the details.  Is there some reason you can't use the internal error page?

        1 Reply Last reply Reply Quote 0
        • A
          alexssi
          last edited by

          These two networks can't communicate which is normal because I created rules for.

          • LAN (192.168.2.0/24) => no proxy filter (OK)
          • OPT1 (192.168.3.0/24) => proxy filter by blacklist (OK)

          Redirection to show the forbidden message points to https://192.168.2.1/sgerror.php… instead of https://192.168.3.1/sgerror.php...
          And of course the message can't be displayed because these two networks can't communicate.

          On SquidGuard Common ACL, "Proxy Denied Error" is blank, Redirect mode int error page, Redirect info is blank. I don't try to change the forbidden message content but the URL to see it.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            So add a rule above your LAN block so that OPT1 can talk to 192.168.2.1 on LAN.

            1 Reply Last reply Reply Quote 0
            • A
              alexssi
              last edited by

              Is that normal behavior?

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                Is that normal behavior?

                Define 'normal'  ;D

                While you can get Squid to accept request from multiple networks, I suspect it defaults to only one for redirects.  There may be a directive that you could add to the advanced config to change that but I'm not aware of it.  So you're left with finessing your rules to allow access to the int error page.

                1 Reply Last reply Reply Quote 0
                • A
                  alexssi
                  last edited by

                  Thank you for your answers :)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.