Re: [squid-users] TCP_DENIED_RELY 302 for error_map

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 08 Jul 2014 17:26:00 +1200

On 2014-07-08 08:38, SaRaVanAn wrote:
> Hi Amos,
> Thanks for your suggestion.
>
> Configuration
> -------------------
>
> Squid version: 3.1.20
>
> acl denied_status_404 http_status 404
> deny_info 404:http://example.com/ denied_status_404
> http_reply_access deny denied_status_404
>
> 1) If i try the above configuration browser is not redirectiong to
> example.com webpage. Instead I am getting page cannot be displayed.
>
> 2) Also access.log is still reporting 302 status code instead of 404.
>
> "263 172.19.131.179 TCP_DENIED_REPLY/302 365 GET
> http://www.google.com/index1.html..... "
>
> Am I missing anything?

Yes. There are two types of action Squid deny_info performs...

1) setting a reply payload/body for 2xx, 4xx, 5xx status codes.

2) redirecting to an alternative URL for 3xx status codes.

What you have configured is to set the status code to 404, then to
redirect to http://example.com/.

redirection does not work with 404, therefore Squid uses the default 302
status code to do the actual redirect. The client will then fetch the
new URL using GET.

The example I gave you was loading a static 404 error page template from
disk and sending it as the body/payload of that 404 response.

Also, I mentioned that Squid-3.2 was required to do the (1) payload
replacement. You are still using Squid-3.1.

Amos
Received on Tue Jul 08 2014 - 05:26:10 MDT

This archive was generated by hypermail 2.2.0 : Tue Jul 08 2014 - 12:00:05 MDT