Re: [squid-users] Question using deny_info

[Henrik Nordstrom]

On Tue, 13 Apr 2004, M J wrote:

> I have here two acls that I would like to use with deny_info but I dont 
> know how.

deny_info matches the last acl name on the "http_access deny" line which 
denied the access.

> For the first acl I know that deny_info works fine but I dont know how to 
> use the second acl with deny_info and both of them together.

THe first line will match ip_unico in deny_info, if the user is using more 
than his allowed IP addresses.

The second will match deny_info with the acl "ldap" until the user has 
logged in, but as max_user_ip also requires the user to log in this will 
never happen.

You probably want the following http_access rules

http_access deny ldap ip_unico
http_access allow ldap
http_access deny all

This allows you to use the ldap and ip_unico acls in deny info, ldap for 
the "login required" message, ip_unico for when the user is using too many 
IP addresses..

Regards
Henrik