On Wed, 2004-12-08 at 14:34, messmate wrote: > >This is correct. Squid by default includes a "X-Forwarded-For: header > >on each HTTP request showing the original requesting IP address. This > >can be disabled in squid.conf with "forwarded_for off". > > > Sorry, not correct. I'm behind my squid and forwarded on or off the > header is there !
the X-Forwarded-For header is present whether you set the "forwarded_for" directive to "on" or "off"--the difference is that with it set to "off" the header reads: X-Forwarded-For: unknown\r\n which would rule it out as the source of the IP leak that the OP is asking about. you can also control what is shown in the Via header by setting the "visible_hostname" directive. again--ruling out squid as the source of the leak... oh--and if the "Via: " header bugs you: header_access Via deny all works without and recompile... as does: header_access X-Forwarded-For deny all -j -- "Oh, so they have internet on computers now!" --The Simpsons