> -----Original Message----- > From: Fajar Priyanto > > You're right. That's exactly what I want squidGuard does: to DENY > rather than redirect. But I don't how to do it. I've put > windowsupdate.microsoft.com into the 'banneddestination' list, > and that's what squidGuard does: redirecting the request to > "denied web page". > > How to make squidGuard to DENY request rather than redirecting?
Generally speaking, whether you block it with squidGuard or with Squid ACLs the result is the same for the user; they see a page that tells them they cannot go where they want to go. So I understand now that your question does not pertain to the user perspective, and is more likely concerning reporting issues. A Squid acl denial can give you an access.log entry that contains "TCP_DENIED/403". Due to limitations in Squid's redirector interface, the best you can do with squidGuard is "TCP_MISS/403". And for most of the logfile reporting packages, that's not good enough. Question for others on the list: Is it possible that "TCP_DENIED" could be achieved in a redirector environment using http_reply_access to look for a predetermined something-or-other indicating DENIED? Rick
