Interesting. I will check later. Thanks!
On Fri, Nov 9, 2018 at 9:54 PM Amos Jeffries wrote:
> On 10/11/18 3:15 PM, Michael Pelletier wrote:
> > Perhapse your Squid has been patched to remove it ?
> >
> > I am running 3.5.28. I have not installed any patches.
> >
> > Perhapse you are looking at
On 10/11/18 3:15 PM, Michael Pelletier wrote:
> Perhapse your Squid has been patched to remove it ?
>
> I am running 3.5.28. I have not installed any patches.
>
> Perhapse you are looking at the wrong headers ?
> X-Forwarded-For is only added to the request headers sent to servers.
>
> Yes.
Perhapse your Squid has been patched to remove it ?
I am running 3.5.28. I have not installed any patches.
Perhapse you are looking at the wrong headers ?
X-Forwarded-For is only added to the request headers sent to servers.
Yes. The XFF should be added to the request header and be seen by the
On 10/11/18 9:05 AM, Michael Pelletier wrote:
> Hello,
> I am running squid 3.5.28 and for some reason I can not get
> X-Forwarded-For added to the http headers. I have "forwarded_for on" and
> "via on" set in the squid.conf. Any ideas why this will not work?
>
Perhapse your Squid has been
Hello,
I am running squid 3.5.28 and for some reason I can not get X-Forwarded-For
added to the http headers. I have "forwarded_for on" and "via on" set in
the squid.conf. Any ideas why this will not work?
--
*Disclaimer: *Under Florida law, e-mail addresses are public records.
If you do
On 30.01.17 12:09, Andrea Venturoli wrote:
The answer to a direct connection (or to Squid with "forwarded_for
transparent") is:
HTTP/1.1 303 See other
Date: Mon, 30 Jan 2017 09:56:18 GMT
Server: Apache
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store,
Hello.
I've been invited to visit a web site and I couldn't see it.
Bypassing squid would solve the problem, so I made some some researches
and saw that adding "forwarded_for transparent" to my config would do.
I'm wondering what the reason might be...
tcpdump showed that:
1) initial
Thanks Amos, for the good explanation.
So this leads to: I'd like to anonymise my headers to the greatest
extent possible. Here is my config: https://pastee.org/khgtw
Does anyone have a recommended configuration for best privacy?
--
http://www.fastmail.fm - IMAP accessible web-mail
On 10/10/2013 5:53 p.m., merc1...@f-m.fm wrote:
On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote:
All such online header tools are really only delivering a report of the
headers which reached them. None of them have ever displayed The
Truth(tm). The internals of the browser itself contains a
HTML is a different story entirely from HTTP.
Manipuation of HTTP headers on every relay point they cross is mandatory.
Why?
One interesting case here is that if you add X-Forwarded-For on your
requests, does that value show up at his end?
I did try setting it to 127.0.0.1, but it didn't
On 11/10/2013 2:44 a.m., merc1...@f-m.fm wrote:
HTML is a different story entirely from HTTP.
Manipuation of HTTP headers on every relay point they cross is mandatory.
Why?
One interesting case here is that if you add X-Forwarded-For on your
requests, does that value show up at his end?
I
On 11/10/2013 2:44 a.m., merc1...@f-m.fm wrote:
HTML is a different story entirely from HTTP.
Manipuation of HTTP headers on every relay point they cross is mandatory.
Why?
a) Because HTML is a markup language for text documents. HTTP is a
protocol for software communication.
b) Being a
Looks like turning off x-forwarded-for, has been disabled now. Nothing
works. I've tried:
forwarded_for delete
forwarded_for off
forwarded_for transparent
request_header_replace X-Forwarded-For 127.0.0.1
request_header_access X-Forwarded-For deny all
reply_header_access X-Forwarded-For deny all
On 10/09/2013 10:15 AM, merc1...@f-m.fm wrote:
Looks like turning off x-forwarded-for, has been disabled now. Nothing
works.
To see what I'm talking about, go to
http://www.ericgiguere.com/tools/http-header-viewer.html
The above web page hosts a script that cannot be used as intended
Well for Heaven's sake.
What motivation could he possibly have for dinking with teh headers?
On Wed, Oct 9, 2013, at 11:08, Alex Rousskov wrote:
On 10/09/2013 10:15 AM, merc1...@f-m.fm wrote:
Looks like turning off x-forwarded-for, has been disabled now. Nothing
works.
To see what
I think you missed Alex's point.
That page itself sits behind a reverse proxy that adds X-Forwarded-For.
So using that for your testing isn't going to help.
On 10/09/2013 03:01 PM, merc1...@f-m.fm wrote:
Well for Heaven's sake.
What motivation could he possibly have for dinking with teh
Didn't miss his point and I understand exactly what he said.
My question is what possible motive could ericgiguere have for
misrepresenting headers, on a header query site?
It just doesn't make sense.
On Wed, Oct 9, 2013, at 12:05, Will Roberts wrote:
I think you missed Alex's point.
That
I'm sure it wasn't malicious. That tool was put up in 2003. At some
point in the past 10 years he probably put a reverse proxy in front of
his site. Maybe you should email him and tell him he's broken his header
tool.
On 10/09/2013 03:55 PM, merc1...@f-m.fm wrote:
Didn't miss his point and I
On 10/10/2013 9:05 a.m., Will Roberts wrote:
I'm sure it wasn't malicious. That tool was put up in 2003. At some
point in the past 10 years he probably put a reverse proxy in front of
his site. Maybe you should email him and tell him he's broken his
header tool.
But ... has he actually
On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote:
All such online header tools are really only delivering a report of the
headers which reached them. None of them have ever displayed The
Truth(tm). The internals of the browser itself contains a set of layers
doing header additions and
On 24/08/2013 5:50 p.m., David Isaacs wrote:
Amos,
I've also come across what Michael identified. This is actually a bug,
right? The checklist() constructor initialises checklist.src_addr correctly
based on acl_uses_indirect_client but it is then overridden with the
request's true client_addr
Amos,
I've also come across what Michael identified. This is actually a bug,
right? The checklist() constructor initialises checklist.src_addr correctly
based on acl_uses_indirect_client but it is then overridden with the
request's true client_addr by the calling function.
I filed it as #3895
On Sat, 2013-08-10 at 14:27 +1200, Amos Jeffries wrote:
Er. What Squid version are you using?
The checklist() constructor pulls those details out of the request
object itself in the current Squid versions.
The patch I provided was from trunk in the bazaar repo, but I'm actually
running
Hi all,
I've had a look at this issue and I believe I have found the problem.
Just to recap I have:
follow_x_forwarded_for allow localhost
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent 8881 0 proxy-only no-query
cache_peer_access 172.21.120.24 deny
Back to original squid.conf:
Instead of
follow_x_forwarded_for allow localhost
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent 8881 0 proxy-only no-query
cache_peer_access 172.21.120.24 deny forwardTrafficSubnet1
never_direct deny forwardTrafficSubnet1
On 10/08/2013 3:42 a.m., Michael Graham wrote:
Hi all,
I've had a look at this issue and I believe I have found the problem.
Just to recap I have:
follow_x_forwarded_for allow localhost
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent 8881 0 proxy-only no-query
On Tue, 2013-07-16 at 09:31 -0400, Michael Graham wrote:
On Tue, 2013-07-16 at 23:30 +1200, Amos Jeffries wrote:
Does the X-Forwarded-For header actually contain an IP from the
172.21.120.0/24 subnet (and not some IPv6 address from that subnets
IPv6 ranges).
Yeah it seems to be:
GET
On 16/07/2013 7:31 a.m., Michael Graham wrote:
Hi all,
I'm having a problem getting squid to select the upstream proxy based on
the source address set in the X-Forwarded-For header.
Here is the appropriate lines from my squid.conf:
follow_x_forwarded_for allow all
You should never have
On Tue, 2013-07-16 at 23:30 +1200, Amos Jeffries wrote:
Does the X-Forwarded-For header actually contain an IP from the
172.21.120.0/24 subnet (and not some IPv6 address from that subnets
IPv6 ranges).
Yeah it seems to be:
GET http://www.google.com/ HTTP/1.1
Accept: */*
Host: www.google.com
Hi all,
I'm having a problem getting squid to select the upstream proxy based on
the source address set in the X-Forwarded-For header.
Here is the appropriate lines from my squid.conf:
follow_x_forwarded_for allow all
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent
Hi friends,
I'm using squid/3.0.STABLE25 and I have a problem for access to a
webpage that checks the X-Forwarded-For header.
It looks like the web requires that X-Forwarded-For header contains only
the IP of my client, but my squid proxy are sending this header:
forwarded_for on --
Hi Guys,
I run a reverse proxy for a client. They are using XFF for restricting
certain content to IP.
We have noted that the following doesn't appear to work as it should:
header_replace X-Forwarded-For allow all
My understanding is that this will cause squid to replace the XFF header
On Mon, 21 Feb 2011 12:16:46 +1300 (NZDT), Pieter De Wit wrote:
Hi Guys,
I run a reverse proxy for a client. They are using XFF for
restricting certain content to IP.
We have noted that the following doesn't appear to work as it
should:
header_replace X-Forwarded-For allow all
My
Hi Amos,
Thanks for the reply - I remember seeing the doc bug :)
I am building the Deb6 boxes as we speak (ext4+squid 3.1 is sounding very
nice)
Cheers,
Pieter
On Mon, 21 Feb 2011, Amos Jeffries wrote:
On Mon, 21 Feb 2011 12:16:46 +1300 (NZDT), Pieter De Wit wrote:
Hi Guys,
I run a
Hi Amos,
just had a go at this:
request_header_access X-Forwarded-For deny
header_replace X-Forwarded-For
and it's still passing XFF from another source thru - Nothing to urgent
since the Deb6 boxes are getting built :) But if you spot something ?
Cheers,
Pieter
On 21/02/11 16:33, Pieter De Wit wrote:
Hi Amos,
just had a go at this:
request_header_access X-Forwarded-For deny
header_replace X-Forwarded-For
and it's still passing XFF from another source thru - Nothing to urgent
since the Deb6 boxes are getting built :) But if you spot something ?
On 21/02/2011 18:16, Amos Jeffries wrote:
On 21/02/11 16:33, Pieter De Wit wrote:
Hi Amos,
just had a go at this:
request_header_access X-Forwarded-For deny
header_replace X-Forwarded-For
and it's still passing XFF from another source thru - Nothing to urgent
since the Deb6 boxes are getting
Hi,
Does squid-3.0 have X-Forwarded-For enabled built-in?
Since I don't see that a configure directive in squid.conf.
Thanks.
Need a Holiday? Win a $10,000 Holiday of your choice. Enter
On Sun, 7 Jun 2009 23:02:21 +0800 (CST), Tech W. tech...@yahoo.com.cn
wrote:
Hi,
Does squid-3.0 have X-Forwarded-For enabled built-in?
Since I don't see that a configure directive in squid.conf.
All squid 3.x have the basic forwarded_for on/off and forwarding additions
working.
3.1 is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello!
Are there any plans to implement the X-Forwarded-For feature in Squid3?
We had to use Squid3 due to some ICAP project stuff and we will need the
X-Forwarded-For feature for some other stuff too...
Greetings,
Matthias
-BEGIN PGP
Silamael wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello!
Are there any plans to implement the X-Forwarded-For feature in Squid3?
We had to use Squid3 due to some ICAP project stuff and we will need the
X-Forwarded-For feature for some other stuff too...
Yes. It is already done
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Amos Jeffries wrote:
Yes. It is already done and in Squid 3.1.
We've had a fair number of annoyances found with the 3.1.0.2 packages
not including everything they needed for the new code. One more in
todays snapshot. So for testing I'd advise
On Wed, 2008-03-26 at 11:24 -0300, c0re dumped wrote:
Hello,
Is there a new x-forwarded-for patch to be used on squid3 ?
http://devel.squid-cache.org/projects.html#follow_xff
but it hasn't been updated in quite some time.. (years) and probably
doesn't work too well with current squid3...
Hello,
Is there a new x-forwarded-for patch to be used on squid3 ?
I've searching a lot but without success.
In my opinion such a good feature must be added to the squid base
code. It's really helpful especially if you're using a content filter
such as DansGuardian.
TIA,
c0re
--
On 24.09.07 19:32, Gustavo Uribe wrote:
Hello list, sorry to bother you with a question, but i've been
browsing teh internets for a few hours now without finding a clue.
What im trying to do is... get in squid access.log the client IP, but
since im using dansguardian , the front proxy is dg
On 9/24/07, Gustavo Uribe [EMAIL PROTECTED] wrote:
Hello list, sorry to bother you with a question, but i've been
browsing teh internets for a few hours now without finding a clue.
What im trying to do is... get in squid access.log the client IP, but
since im using dansguardian , the front
Hello list, sorry to bother you with a question, but i've been
browsing teh internets for a few hours now without finding a clue.
What im trying to do is... get in squid access.log the client IP, but
since im using dansguardian , the front proxy is dg and squid only
sees conecctions from
Hi,
does anybody know if it is possible to access the X-Forwarded-Header inside of
a rewriter script (squid used as reverse proxy). AFAIK, there is only the
ip-address of the requesting server available which may be the ip of another
cache-server.
Background: We have another external cache
[EMAIL PROTECTED] wrote:
Hi,
does anybody know if it is possible to access the X-Forwarded-Header inside of
a rewriter script (squid used as reverse proxy). AFAIK, there is only the
ip-address of the requesting server available which may be the ip of another
cache-server.
Background: We
tis 2006-06-06 klockan 13:26 -0800 skrev Chris Robertson:
http://devel.squid-cache.org/projects.html#follow_xff might be just what
you are looking for. Be aware that development patches are not
supported and may set your hair on fire.
This patch has been included in the upcoming 2.6
After following some instrucions on this list I downloaded
squid-2.5.STABLE9 and patched with the x_forwarded_for patch and
nothing works.
here is a summary of what I did:
downloaded and untarred STABLE9
Stefano (the squid package maintainer for squid) graciously provided me
the ./configure
I don't see anything with regard to the x-forward-patch being included in
STABLE12. The diff file does not mention anything either. Is this a distro
specific thing?
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To: squid-users@squid-cache.org
Subject: [squid-users] x-forwarded-for patch (again
On Sun, 16 Oct 2005, [EMAIL PROTECTED] wrote:
as instructed I ran ./bootstrap.sh and I get this output and error message:
WARNING: Cannot find automake version 1.5
Trying automake (GNU automake) 1.9.5
WARNING: Cannot find autoconf version 2.13
Trying autoconf (GNU Autoconf) 2.59
You need to
Quoting Lucia Di Occhi [EMAIL PROTECTED]:
I don't see anything with regard to the x-forward-patch being
included in STABLE12. The diff file does not mention anything
either. Is this a distro specific thing?
Lucia:
Squid has several enhancement options that may or may not fit any
On Sun, 16 Oct 2005, Lucia Di Occhi wrote:
I don't see anything with regard to the x-forward-patch being included in
STABLE12.
It's not.
The diff file does not mention anything either. Is this a distro
specific thing?
What is talked about is the Follow X-Forwarded-For headers patch
On Sun, 16 Oct 2005, [EMAIL PROTECTED] wrote:
Squid has several enhancement options that may or may not fit any particular
user, and most (if not all) of them are hosted on a dedicated squid projects
page that used to be at squid.sourceforge.net
Uset to? That page is very much still there..
I am posting this on both dansguardian and squid
lists so that it can help
anyone with the x-forwarded-for patch.
Download squid-2.5.STABLE9.tar.gz and
follow_xff-2.5.STABLE5.patch on /tmp
Extract the squid tar file with: tar xvfz
squid-2.5.STABLE9.tar.gz
copy
Download squid-2.5.STABLE9.tar.gz and
follow_xff-2.5.STABLE5.patch on /tmp
Extract the squid tar file with: tar xvfz
squid-2.5.STABLE9.tar.gz
copy follow_xff-2.5.STABLE5.patch to
/tmp/squid-2.5.STABLE9
cd to /tmp/squid-2.5.STABLE9 and execute: patch
-p0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sarav,
Same here, until stable10, i can apply the rejects manually, but it
doesnt work with stable11 anymore.
regards,
Kenneth
Anybody got success this patch with squid-2.5.STABLE11? Pls help
me.
Sarav
__
--- saravanan ganapathy [EMAIL PROTECTED] wrote:
--- Henrik Nordstrom [EMAIL PROTECTED] wrote:
On Wed, 9 Mar 2005, saravanan ganapathy wrote:
Hand edit the files, adding the changes patch
could
not automatically
figure out what to do with (failed/rejected).
What
On Fri, 11 Mar 2005, saravanan ganapathy wrote:
Really I don't know what to be changed in
src/structs.h src/structs.h.rej
Pls help me
Sarav
I tried to find the docs in the net,but couldn't.
The .rej file shows what should be changed in the file.
Regards
Henrik
On Wed, 9 Mar 2005, saravanan ganapathy wrote:
Hand edit the files, adding the changes patch could
not automatically
figure out what to do with (failed/rejected).
What are the files to be edited? What are all the
changes to be done?
See the output of the patch command. There is two filenames
Hai
When I tried to apply follow_xff-2.5.patch on
squid-2.5.STABLE9 , I am getting the following error
patching file src/structs.h
Hunk #1 FAILED at 592.
Hunk #2 succeeded at 634 (offset 16 lines).
Hunk #3 succeeded at 1619 (offset 7 lines).
Hunk #4 succeeded at 1679 (offset 16 lines).
Hunk #5
On Wed, 9 Mar 2005, saravanan ganapathy wrote:
Hai
When I tried to apply follow_xff-2.5.patch on
squid-2.5.STABLE9 , I am getting the following error
patching file src/structs.h
Hunk #1 FAILED at 592.
Hunk #2 succeeded at 634 (offset 16 lines).
Hunk #3 succeeded at 1619 (offset 7 lines).
Hunk #4
--- Henrik Nordstrom [EMAIL PROTECTED] wrote:
On Wed, 9 Mar 2005, saravanan ganapathy wrote:
Hai
When I tried to apply follow_xff-2.5.patch on
squid-2.5.STABLE9 , I am getting the following
error
patching file src/structs.h
Hunk #1 FAILED at 592.
Hunk #2 succeeded at 634
Hi folks,
My Squid always modifies the X-Forwarded-For header with the client-IP.
I'm now in a situation I want to keep the X-Forwarded-For header as it
is..
As far as i see it's only possible to disable the X-forwarded-for
header, which will result the header as:
X-Forwarded-For: Unknown.
At
Yep, I think I'm in the same situation.
I think it's better that when we set forwarded_for off in
squid.conf, we should never see X-Forwarded-For: Unknown. when there
is no X-Forwarded-For previously, and squid will not add unknown
when we already have one.
On Wed, 17 Nov 2004 10:12:38
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all kinds of
trouble. I downloaded squid-2.5.STABLE4 and the patch listed here:
http://squid.sourceforge.net/follow_xff/ but when I do the patch and then run
bootstrap.sh, I get all kinds of
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all kinds
of trouble. I downloaded squid-2.5.STABLE4 and the patch listed here:
http://squid.sourceforge.net/follow_xff/ but when I do the patch and
then run
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all
kinds of trouble. I downloaded squid-2.5.STABLE4 and the patch
listed here: http://squid.sourceforge.net/follow_xff/ but when I do
the patch and
Scott Mayo wrote:
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all
kinds of trouble. I downloaded squid-2.5.STABLE4 and the patch
listed here: http://squid.sourceforge.net/follow_xff/ but when I do
-Original Message-
From: Scott Mayo [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 21, 2004 11:54 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [squid-users] X-Forwarded-For
Scott Mayo wrote:
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote
Scott Mayo wrote:
Scott Mayo wrote:
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all
kinds of trouble. I downloaded squid-2.5.STABLE4 and the patch
listed here:
On Thu, 21 Oct 2004, Scott Mayo wrote:
I got to looking and there is actually only 1 major issue I guess. The
others say that something is deprecated and discouraged.
Can't find autoconf version 2.13
trying version 2.59
Squid-2.5 needs autoconf 2.13. You will also see this warning/error if you
On Thu, 21 Oct 2004, Scott Mayo wrote:
After reading more about this, I assume that I need to actually go to
http://ftp.gnu.org/gnu/autoconf/ and download the correct version of
autoconf. Is downgrading to autoconf 2.13 going to effect anything else in
my system? I am running Fedora 2.
Fedora
On Thu, 21 Oct 2004, Scott Mayo wrote:
configure.in:: warning: AC_TRY_RUN called without default to allow cross
compiling.
It then said that bootstrapping was complete. Are these warnings alright?
Yes.
Regards
Henrik
I am trying to patch squid with X-Forwarded-For and run into all kinds
of trouble. I downloaded squid-2.5.STABLE4 and the patch listed here:
http://squid.sourceforge.net/follow_xff/ but when I do the patch and
then run bootstrap.sh, I get all kinds of ERRORS and WARNINGS. Is there
a newer
On Mon, 12 Jul 2004, Marco Berizzi wrote:
I'm experimenting a problem with a web site because
X-Forwarded-For is unknown.
If the X-Forwarded-For header says unknown then you have set
forwarded_for off in squid.conf.
If it is completely missing then you have denied it from header_access.
I'm experimenting a problem with a web site because
X-Forwarded-For is unknown.
However squid.conf.default shows that X-Forwarded-For is
on by default.
My squid.conf modify only the User-Agent header:
header_access User-Agent deny all
header_replace User-Agent Mozilla/5.0 (X11; U; Linux i686;
However squid.conf.default shows that X-Forwarded-For is
on by default.
I presume this is not changed in the current squid.conf by
setting this parameter to off , for instance ?
No, it is not changed.
Probably not, you can debug the situation further with :
However squid.conf.default shows that X-Forwarded-For is
on by default.
I presume this is not changed in the current squid.conf by
setting this parameter to off , for instance ?
No, it is not changed.
Probably not, you can debug the situation further with :
Buhh... sorry: 2.5.STABLE6 compiled from source on Slackware 9.1
kernel 2.4.26 gcc 3.2.3 glibc 2.3.2
Ok, clueless for the moment,but one sanity check,to proof
that is related to the header_deny,header_access stuff you use
in squid.conf :
- if that is not done, is the situation
Hi all,
I have patched the squid with the X-Forward-For header
patch.
But, still no luck. I am still getting 127.0.0.1 in
access.log.
My current setup is Dansguardian - Squid
Dansguardian is listning on 8080 and squid is
listnening on 3128 on 127.0.0.1. I have enabled ip
forwrding in Dansguardian.
On Tue, 3 Feb 2004, Abdul Khader wrote:
Hi all,
I have patched the squid with the X-Forward-For header
patch.
But, still no luck. I am still getting 127.0.0.1 in
access.log.
Is Dansguardian sending a X-Forwarded-For header to Squid?
Have you told Squid to look into the header? (see
[EMAIL PROTECTED] wrote:
hi, i have the clients, behind them i have squid_A, and behind squid_A i
have squid_B.
i want that clients IP appear in access.log of squid_B, how i do it?
regards.
Drop back question : is this possible ?
Answer : no
M.
--
'Time is a consequence
mån 2003-03-17 klockan 18.04 skrev Marc Elsen:
[EMAIL PROTECTED] wrote:
hi, i have the clients, behind them i have squid_A, and behind squid_A i
have squid_B.
i want that clients IP appear in access.log of squid_B, how i do it?
regards.
Drop back question : is this possible
See http://devel.squid-cache.org/projects.html#follow_xff
Regards
Henrik
Jason M. Kusar wrote:
Not sure if this is possible, but does anyone know whether it is
possible for squid to look at the ip specified in the X-Forwarded-For
header instead of the origin ip? Basically I want to use
Not sure if this is possible, but does anyone know whether it is
possible for squid to look at the ip specified in the X-Forwarded-For
header instead of the origin ip? Basically I want to use source ACL's,
but I can't right now because the squid proxy is the second in line so
it sees all
1) is it possible to config squid NOT to set this header at all?
I think
header_access X-Forwarded-For deny all
should do.
You can remove it from the source if you feel inclined so. Just do a grep
-r.
Don't have answers to other questions.
Tesla
That works! amazing.
I thought header_access and header_replace only works for
the headers that come from the client. not the ones (like,
X-Forwarded-For) that are set from squid itself. I actually tried
header_replace X-Forwarded-For 1.2.3.4
a few days ago but still got unknown.
btw, if I set
Frank Liu wrote:
2) is it possible to config quid to send a user defined IP (say
the IP of the proxy server itself), rather than unknown ?
Should be possible to change the header to say whatever you feel like
via header_replace.
on a related one, is it possible to insert an customer HTTP
91 matches
Mail list logo