Alan, I tested this again today , I have seen a lot of posts on this subject where earlier other engineers have faced similar issue but the PR are closed but didnt understand what the fix is.
[Jun 23 09:15:09.356] [ET_NET 0] WARNING: Unable to access() directory '/etc/trafficserver/body_factory': 2, No such file or directory [Jun 23 09:15:09.356] [ET_NET 0] WARNING: Please set 'proxy.config.body_factory.template_sets_dir' [Jun 23 09:15:09.356] [ET_NET 0] WARNING: can't open response template directory '/etc/trafficserver/body_factory' (No such file or directory) I have tried to set it in the records.config and am version 10 but still no luck . So in principal then ATS will or will not support exception pages to be prompted back to users with in an organisation looking to use it as forward proxy deployment. Regards Trilok 9949994745 On Tue, Jun 22, 2021 at 6:55 PM Alan Carroll < [email protected]> wrote: > Any inbound connection that matches a "deny all" rule will be denied with > no message. This is by design because of concern about denial of service > attacks. The goal is to minimize resource consumption for denied > connections from specific sources. I see that you are using method based > permissions, which do need to read the user agent request before > application. It's been a while since I've worked on that, I'll need to > check the code to see how it is being handled in that case. > > On Tue, Jun 22, 2021 at 7:32 AM Trilok Nathreddy <[email protected]> > wrote: > >> Alan, >> >> So any thing denied from ip_allow can't be notified with custom exception >> page using the body_factory pages or any built in deny page? >> >> Regards >> Trilok >> >> >> >> >> >> On Mon, Jun 21, 2021, 10:02 PM Alan Carroll < >> [email protected]> wrote: >> >>> Ah, I misread your comment and thought you were using the outbound >>> controls. Unfortunately the point of the inbound control is to not talk to >>> banned user agents as little as possible and so the connection is >>> terminated immediately after the accept. No response is possible since ATS >>> doesn't even know what protocol the user agent is using (TLS? HTTP/2? >>> FTP?). What version of ATS are you using? >>> >>> On Mon, Jun 21, 2021 at 11:17 AM Trilok Nathreddy <[email protected]> >>> wrote: >>> >>>> Alan, >>>> >>>> No >>>> >>>> On Mon, Jun 21, 2021, 7:26 PM Alan Carroll < >>>> [email protected]> wrote: >>>> >>>>> The "access#defined" template doesn't get used? >>>>> >>>>> On Mon, Jun 21, 2021 at 7:26 AM Trilok Nathreddy <[email protected]> >>>>> wrote: >>>>> >>>>>> I have configured the ip allow file to allow specific hosts to go out >>>>>> to internet in forward proxy deployment but I need to show an customized >>>>>> web page to the users who are denied. I checked the body_factory default >>>>>> page but it doesn't get popped to the users.do we need to configure >>>>>> anything extra to link this html page to the ACL? >>>>>> >>>>>> Regards >>>>>> Trilok >>>>>> 9949994745 >>>>>> >>>>>
