Alan, For some reason I am unable to get in to apache slack channel with my account [email protected]
any other way to connect to check this? Regards Trilok Regards Trilok On Wed, Jun 23, 2021, 9:19 PM Alan Carroll <[email protected]> wrote: > Can you ping me on Slack? > > We use custom responses via body factory in production here for ATS 7, 9, > and 9.1 so it should work. What exactly did you set in "records.config"? > Does "/etc/trafficserver/body_factory" exist? Is that where you expect it > to look? > > On Wed, Jun 23, 2021 at 6:07 AM Trilok Nathreddy <[email protected]> > wrote: > >> Alan, >> >> I tested this again today , I have seen a lot of posts on this subject >> where earlier other engineers have faced similar issue but the PR are >> closed but didnt understand what the fix is. >> >> [Jun 23 09:15:09.356] [ET_NET 0] WARNING: Unable to access() directory >> '/etc/trafficserver/body_factory': 2, No such file or directory >> [Jun 23 09:15:09.356] [ET_NET 0] WARNING: Please set >> 'proxy.config.body_factory.template_sets_dir' >> [Jun 23 09:15:09.356] [ET_NET 0] WARNING: can't open response template >> directory '/etc/trafficserver/body_factory' (No such file or directory) >> >> I have tried to set it in the records.config and am version 10 but still >> no luck . So in principal then ATS will or will not support exception >> pages to be prompted back to users with in an organisation looking to use >> it as forward proxy deployment. >> >> Regards >> Trilok >> 9949994745 >> >> >> On Tue, Jun 22, 2021 at 6:55 PM Alan Carroll < >> [email protected]> wrote: >> >>> Any inbound connection that matches a "deny all" rule will be denied >>> with no message. This is by design because of concern about denial of >>> service attacks. The goal is to minimize resource consumption for denied >>> connections from specific sources. I see that you are using method based >>> permissions, which do need to read the user agent request before >>> application. It's been a while since I've worked on that, I'll need to >>> check the code to see how it is being handled in that case. >>> >>> On Tue, Jun 22, 2021 at 7:32 AM Trilok Nathreddy <[email protected]> >>> wrote: >>> >>>> Alan, >>>> >>>> So any thing denied from ip_allow can't be notified with custom >>>> exception page using the body_factory pages or any built in deny page? >>>> >>>> Regards >>>> Trilok >>>> >>>> >>>> >>>> >>>> >>>> On Mon, Jun 21, 2021, 10:02 PM Alan Carroll < >>>> [email protected]> wrote: >>>> >>>>> Ah, I misread your comment and thought you were using the outbound >>>>> controls. Unfortunately the point of the inbound control is to not talk to >>>>> banned user agents as little as possible and so the connection is >>>>> terminated immediately after the accept. No response is possible since ATS >>>>> doesn't even know what protocol the user agent is using (TLS? HTTP/2? >>>>> FTP?). What version of ATS are you using? >>>>> >>>>> On Mon, Jun 21, 2021 at 11:17 AM Trilok Nathreddy <[email protected]> >>>>> wrote: >>>>> >>>>>> Alan, >>>>>> >>>>>> No >>>>>> >>>>>> On Mon, Jun 21, 2021, 7:26 PM Alan Carroll < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> The "access#defined" template doesn't get used? >>>>>>> >>>>>>> On Mon, Jun 21, 2021 at 7:26 AM Trilok Nathreddy <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> I have configured the ip allow file to allow specific hosts to go >>>>>>>> out to internet in forward proxy deployment but I need to show an >>>>>>>> customized web page to the users who are denied. I checked the >>>>>>>> body_factory >>>>>>>> default page but it doesn't get popped to the users.do we need to >>>>>>>> configure >>>>>>>> anything extra to link this html page to the ACL? >>>>>>>> >>>>>>>> Regards >>>>>>>> Trilok >>>>>>>> 9949994745 >>>>>>>> >>>>>>>
