Thanks Amos, for the good explanation.
So this leads to: I'd like to anonymise my headers to the greatest
extent possible. Here is my config: https://pastee.org/khgtw
Does anyone have a recommended configuration for best privacy?
--
http://www.fastmail.fm - IMAP accessible web-mail
On 11/10/2013 2:44 a.m., merc1...@f-m.fm wrote:
HTML is a different story entirely from HTTP.
Manipuation of HTTP headers on every relay point they cross is mandatory.
Why?
a) Because HTML is a markup language for text documents. HTTP is a
protocol for software communication.
b) Being a co
On 11/10/2013 2:44 a.m., merc1...@f-m.fm wrote:
HTML is a different story entirely from HTTP.
Manipuation of HTTP headers on every relay point they cross is mandatory.
Why?
One interesting case here is that if you add X-Forwarded-For on your
requests, does that value show up at his end?
I did
> HTML is a different story entirely from HTTP.
> Manipuation of HTTP headers on every relay point they cross is mandatory.
Why?
> >> One interesting case here is that if you add X-Forwarded-For on your
> >> requests, does that value show up at his end?
> > I did try setting it to 127.0.0.1, but
On 10/10/2013 5:53 p.m., merc1...@f-m.fm wrote:
On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote:
All such online header tools are really only delivering a report of the
headers which reached them. None of them have ever displayed "The
Truth"(tm). The internals of the browser itself contains a
On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote:
> All such online header tools are really only delivering a report of the
> headers which reached them. None of them have ever displayed "The
> Truth"(tm). The internals of the browser itself contains a set of layers
> doing header additions an
On 10/10/2013 9:05 a.m., Will Roberts wrote:
I'm sure it wasn't malicious. That tool was put up in 2003. At some
point in the past 10 years he probably put a reverse proxy in front of
his site. Maybe you should email him and tell him he's broken his
header tool.
But ... has he actually broken
I'm sure it wasn't malicious. That tool was put up in 2003. At some
point in the past 10 years he probably put a reverse proxy in front of
his site. Maybe you should email him and tell him he's broken his header
tool.
On 10/09/2013 03:55 PM, merc1...@f-m.fm wrote:
Didn't miss his point and I
Didn't miss his point and I understand exactly what he said.
My question is what possible motive could ericgiguere have for
misrepresenting headers, on a header query site?
It just doesn't make sense.
On Wed, Oct 9, 2013, at 12:05, Will Roberts wrote:
> I think you missed Alex's point.
>
> Tha
I think you missed Alex's point.
That page itself sits behind a reverse proxy that adds X-Forwarded-For.
So using that for your testing isn't going to help.
On 10/09/2013 03:01 PM, merc1...@f-m.fm wrote:
Well for Heaven's sake.
What motivation could he possibly have for dinking with teh hea
Well for Heaven's sake.
What motivation could he possibly have for dinking with teh headers?
On Wed, Oct 9, 2013, at 11:08, Alex Rousskov wrote:
> On 10/09/2013 10:15 AM, merc1...@f-m.fm wrote:
> > Looks like turning off x-forwarded-for, has been disabled now. Nothing
> > works.
>
> > To see
On 10/09/2013 10:15 AM, merc1...@f-m.fm wrote:
> Looks like turning off x-forwarded-for, has been disabled now. Nothing
> works.
> To see what I'm talking about, go to
> http://www.ericgiguere.com/tools/http-header-viewer.html
The above web page hosts a script that cannot be used as intended
be
Looks like turning off x-forwarded-for, has been disabled now. Nothing
works. I've tried:
forwarded_for delete
forwarded_for off
forwarded_for transparent
request_header_replace X-Forwarded-For 127.0.0.1
request_header_access X-Forwarded-For deny all
reply_header_access X-Forwarded-For deny all
On 24/08/2013 5:50 p.m., David Isaacs wrote:
Amos,
I've also come across what Michael identified. This is actually a bug,
right? The checklist() constructor initialises checklist.src_addr correctly
based on acl_uses_indirect_client but it is then overridden with the
request's "true" client_addr
Amos,
I've also come across what Michael identified. This is actually a bug,
right? The checklist() constructor initialises checklist.src_addr correctly
based on acl_uses_indirect_client but it is then overridden with the
request's "true" client_addr by the calling function.
I filed it as #3895
On Sat, 2013-08-10 at 14:27 +1200, Amos Jeffries wrote:
> Er. What Squid version are you using?
>
> The checklist() constructor pulls those details out of the request
> object itself in the current Squid versions.
The patch I provided was from trunk in the bazaar repo, but I'm actually
running s
On 10/08/2013 3:42 a.m., Michael Graham wrote:
Hi all,
I've had a look at this issue and I believe I have found the problem.
Just to recap I have:
follow_x_forwarded_for allow localhost
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent 8881 0 proxy-only no-query
cach
Back to original squid.conf:
Instead of
follow_x_forwarded_for allow localhost
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent 8881 0 proxy-only no-query
cache_peer_access 172.21.120.24 deny forwardTrafficSubnet1
never_direct deny forwardTrafficSubnet1
cache_peer_acce
Hi all,
I've had a look at this issue and I believe I have found the problem.
Just to recap I have:
follow_x_forwarded_for allow localhost
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent 8881 0 proxy-only no-query
cache_peer_access 172.21.120.24 deny forwardTrafficSu
On Tue, 2013-07-16 at 09:31 -0400, Michael Graham wrote:
> On Tue, 2013-07-16 at 23:30 +1200, Amos Jeffries wrote:
> > Does the X-Forwarded-For header actually contain an IP from the
> > 172.21.120.0/24 subnet (and not some IPv6 address from that subnets
> > IPv6 ranges).
>
> Yeah it seems to be:
On Tue, 2013-07-16 at 23:30 +1200, Amos Jeffries wrote:
> Does the X-Forwarded-For header actually contain an IP from the
> 172.21.120.0/24 subnet (and not some IPv6 address from that subnets
> IPv6 ranges).
Yeah it seems to be:
GET http://www.google.com/ HTTP/1.1
Accept: */*
Host: www.google.co
On 16/07/2013 7:31 a.m., Michael Graham wrote:
Hi all,
I'm having a problem getting squid to select the upstream proxy based on
the source address set in the X-Forwarded-For header.
Here is the appropriate lines from my squid.conf:
follow_x_forwarded_for allow all
You should never have "allo
Hi all,
I'm having a problem getting squid to select the upstream proxy based on
the source address set in the X-Forwarded-For header.
Here is the appropriate lines from my squid.conf:
follow_x_forwarded_for allow all
acl forwardTrafficSubnet1 src 172.21.120.0/24
cache_peer 172.21.120.24 parent
El 29/04/2012 3:23, escribió:
> Sorry for the top post.
>
> Firstly that website is broken. Xff is a list header and always has
> been.
>
> Secondly 3.0 is an extremely old Squid version which only supports
> on/off for the forwarded_for directive. You need to upgrade.
>
> Amos
Thank you ver
Hi friends,
I'm using squid/3.0.STABLE25 and I have a problem for access to a
webpage that checks the X-Forwarded-For header.
It looks like the web requires that X-Forwarded-For header contains only
the IP of my client, but my squid proxy are sending this header:
forwarded_for on --> X-Forwarded
On 21/02/2011 18:16, Amos Jeffries wrote:
On 21/02/11 16:33, Pieter De Wit wrote:
Hi Amos,
just had a go at this:
request_header_access X-Forwarded-For deny
header_replace X-Forwarded-For
and it's still passing XFF from another source thru - Nothing to urgent
since the Deb6 boxes are getting
On 21/02/11 16:33, Pieter De Wit wrote:
Hi Amos,
just had a go at this:
request_header_access X-Forwarded-For deny
header_replace X-Forwarded-For
and it's still passing XFF from another source thru - Nothing to urgent
since the Deb6 boxes are getting built :) But if you spot something ?
Just
Hi Amos,
just had a go at this:
request_header_access X-Forwarded-For deny
header_replace X-Forwarded-For
and it's still passing XFF from another source thru - Nothing to urgent
since the Deb6 boxes are getting built :) But if you spot something ?
Cheers,
Pieter
Hi Amos,
Thanks for the reply - I remember seeing the doc bug :)
I am building the Deb6 boxes as we speak (ext4+squid 3.1 is sounding very
nice)
Cheers,
Pieter
On Mon, 21 Feb 2011, Amos Jeffries wrote:
On Mon, 21 Feb 2011 12:16:46 +1300 (NZDT), Pieter De Wit wrote:
Hi Guys,
I run a reve
On Mon, 21 Feb 2011 12:16:46 +1300 (NZDT), Pieter De Wit wrote:
Hi Guys,
I run a reverse proxy for a client. They are using XFF for
restricting certain content to IP.
We have noted that the following doesn't "appear" to work as it
should:
header_replace X-Forwarded-For allow all
My understa
Hi Guys,
I run a reverse proxy for a client. They are using XFF for restricting
certain content to IP.
We have noted that the following doesn't "appear" to work as it should:
header_replace X-Forwarded-For allow all
My understanding is that this will cause squid to replace the XFF header
wi
On Sun, 7 Jun 2009 23:02:21 +0800 (CST), "Tech W."
wrote:
> Hi,
>
> Does squid-3.0 have X-Forwarded-For enabled built-in?
> Since I don't see that a configure directive in squid.conf.
>
All squid 3.x have the basic forwarded_for on/off and forwarding additions
working.
3.1 is needed for the mor
Hi,
Does squid-3.0 have X-Forwarded-For enabled built-in?
Since I don't see that a configure directive in squid.conf.
Thanks.
Need a Holiday? Win a $10,000 Holiday of your choice. Enter
now.http://us.lrd.yahoo.com/_ylc=X3oDMTJxN2x2ZmNpBF9zAzIwMjM2MTY2MTMEdG1fZG1lY2gDVGV4dCBMaW5rBHRtX2x
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Amos Jeffries wrote:
> Yes. It is already done and in Squid 3.1.
>
> We've had a fair number of annoyances found with the 3.1.0.2 packages
> not including everything they needed for the new code. One more in
> todays snapshot. So for testing I'd advis
Silamael wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello!
Are there any plans to implement the X-Forwarded-For feature in Squid3?
We had to use Squid3 due to some ICAP project stuff and we will need the
X-Forwarded-For feature for some other stuff too...
Yes. It is already done an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello!
Are there any plans to implement the X-Forwarded-For feature in Squid3?
We had to use Squid3 due to some ICAP project stuff and we will need the
X-Forwarded-For feature for some other stuff too...
Greetings,
Matthias
-BEGIN PGP SIGNATURE--
On Wed, 2008-03-26 at 11:24 -0300, c0re dumped wrote:
> Hello,
>
> Is there a new x-forwarded-for patch to be used on squid3 ?
http://devel.squid-cache.org/projects.html#follow_xff
but it hasn't been updated in quite some time.. (years) and probably
doesn't work too well with current squid3...
Hello,
Is there a new x-forwarded-for patch to be used on squid3 ?
I've searching a lot but without success.
In my opinion such a good feature must be added to the squid base
code. It's really helpful especially if you're using a content filter
such as DansGuardian.
TIA,
c0re
--
http://www.
On 9/24/07, Gustavo Uribe <[EMAIL PROTECTED]> wrote:
> Hello list, sorry to bother you with a question, but i've been
> browsing teh internets for a few hours now without finding a clue.
>
> What im trying to do is... get in squid access.log the client IP, but
> since im using dansguardian , the "f
On 24.09.07 19:32, Gustavo Uribe wrote:
> Hello list, sorry to bother you with a question, but i've been
> browsing teh internets for a few hours now without finding a clue.
>
> What im trying to do is... get in squid access.log the client IP, but
> since im using dansguardian , the "front" proxy
Hello list, sorry to bother you with a question, but i've been
browsing teh internets for a few hours now without finding a clue.
What im trying to do is... get in squid access.log the client IP, but
since im using dansguardian , the "front" proxy is dg and squid only
sees conecctions from localho
tis 2006-06-06 klockan 13:26 -0800 skrev Chris Robertson:
> http://devel.squid-cache.org/projects.html#follow_xff might be just what
> you are looking for. Be aware that development patches are not
> supported and may set your hair on fire.
This patch has been included in the upcoming 2.6 rel
[EMAIL PROTECTED] wrote:
Hi,
does anybody know if it is possible to access the X-Forwarded-Header inside of
a rewriter script (squid used as reverse proxy). AFAIK, there is only the
ip-address of the requesting server available which may be the ip of another
cache-server.
Background: We hav
Hi,
does anybody know if it is possible to access the X-Forwarded-Header inside of
a rewriter script (squid used as reverse proxy). AFAIK, there is only the
ip-address of the requesting server available which may be the ip of another
cache-server.
Background: We have another external cache ser
On Sun, 16 Oct 2005, [EMAIL PROTECTED] wrote:
Squid has several enhancement options that may or may not fit any particular
user, and most (if not all) of them are hosted on a dedicated squid projects
page that used to be at squid.sourceforge.net
Uset to? That page is very much still there.. b
On Sun, 16 Oct 2005, Lucia Di Occhi wrote:
I don't see anything with regard to the x-forward-patch being included in
STABLE12.
It's not.
The diff file does not mention anything either. Is this a distro
specific thing?
What is talked about is the "Follow X-Forwarded-For headers" patch
a
Quoting Lucia Di Occhi <[EMAIL PROTECTED]>:
I don't see anything with regard to the x-forward-patch being
included in STABLE12. The diff file does not mention anything
either. Is this a distro specific thing?
Lucia:
Squid has several enhancement options that may or may not fit any
parti
On Sun, 16 Oct 2005, [EMAIL PROTECTED] wrote:
as instructed I ran ./bootstrap.sh and I get this output and error message:
WARNING: Cannot find automake version 1.5
Trying automake (GNU automake) 1.9.5
WARNING: Cannot find autoconf version 2.13
Trying autoconf (GNU Autoconf) 2.59
You need to f
I don't see anything with regard to the x-forward-patch being included in
STABLE12. The diff file does not mention anything either. Is this a distro
specific thing?
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
To: squid-users@squid-cache.org
Subject: [squid-users]
After following some instrucions on this list I downloaded
squid-2.5.STABLE9 and patched with the x_forwarded_for patch and
nothing works.
here is a summary of what I did:
downloaded and untarred STABLE9
Stefano (the squid package maintainer for squid) graciously provided me
the ./configure
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sarav,
Same here, until stable10, i can apply the rejects manually, but it
doesnt work with stable11 anymore.
regards,
Kenneth
>
>
> Anybody got success this patch with squid-2.5.STABLE11? Pls help
> me.
>
> Sarav
>
>
>
>
>
> > > Download squid-2.5.STABLE9.tar.gz and
> > > follow_xff-2.5.STABLE5.patch on /tmp
> > > Extract the squid tar file with: tar xvfz
> > > squid-2.5.STABLE9.tar.gz
> > > copy follow_xff-2.5.STABLE5.patch to
> > > /tmp/squid-2.5.STABLE9
> > > cd to /tmp/squid-2.5.STABLE9 and execute: patch
> > -p
> > I am posting this on both dansguardian and squid
> > lists so that it can help
> > anyone with the x-forwarded-for patch.
> >
> > Download squid-2.5.STABLE9.tar.gz and
> > follow_xff-2.5.STABLE5.patch on /tmp
> > Extract the squid tar file with: tar xvfz
> > squid-2.5.STABLE9.tar.gz
> > copy
On Fri, 11 Mar 2005, saravanan ganapathy wrote:
Really I don't know what to be changed in
src/structs.h & src/structs.h.rej
Pls help me
Sarav
I tried to find the docs in the net,but couldn't.
The .rej file shows what should be changed in the file.
Regards
Henrik
--- saravanan ganapathy <[EMAIL PROTECTED]> wrote:
>
> --- Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
> >
> >
> > On Wed, 9 Mar 2005, saravanan ganapathy wrote:
> >
> > >> Hand edit the files, adding the changes patch
> > could
> > >> not automatically
> > >> figure out what to do with (faile
--- Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
>
>
> On Wed, 9 Mar 2005, saravanan ganapathy wrote:
>
> >> Hand edit the files, adding the changes patch
> could
> >> not automatically
> >> figure out what to do with (failed/rejected).
> >>
> >
> > What are the files to be edited? What are all
On Wed, 9 Mar 2005, saravanan ganapathy wrote:
Hand edit the files, adding the changes patch could
not automatically
figure out what to do with (failed/rejected).
What are the files to be edited? What are all the
changes to be done?
See the output of the patch command. There is two filenames menti
--- Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
>
>
> On Wed, 9 Mar 2005, saravanan ganapathy wrote:
>
> > Hai
> >
> > When I tried to apply follow_xff-2.5.patch on
> > squid-2.5.STABLE9 , I am getting the following
> error
> >
> > patching file src/structs.h
> > Hunk #1 FAILED at 592.
> > Hunk
On Wed, 9 Mar 2005, saravanan ganapathy wrote:
Hai
When I tried to apply follow_xff-2.5.patch on
squid-2.5.STABLE9 , I am getting the following error
patching file src/structs.h
Hunk #1 FAILED at 592.
Hunk #2 succeeded at 634 (offset 16 lines).
Hunk #3 succeeded at 1619 (offset 7 lines).
Hunk #4 s
Hai
When I tried to apply follow_xff-2.5.patch on
squid-2.5.STABLE9 , I am getting the following error
patching file src/structs.h
Hunk #1 FAILED at 592.
Hunk #2 succeeded at 634 (offset 16 lines).
Hunk #3 succeeded at 1619 (offset 7 lines).
Hunk #4 succeeded at 1679 (offset 16 lines).
Hunk #5 F
Yep, I think I'm in the same situation.
I think it's better that when we set "forwarded_for off" in
squid.conf, we should never see "X-Forwarded-For: Unknown." when there
is no X-Forwarded-For previously, and squid will not add "unknown"
when we already have one.
On Wed, 17 Nov 2004 10:12:38
Hi folks,
My Squid always modifies the X-Forwarded-For header with the client-IP.
I'm now in a situation I want to keep the X-Forwarded-For header as it
is..
As far as i see it's only possible to disable the X-forwarded-for
header, which will result the header as:
X-Forwarded-For: Unknown.
At t
On Thu, 21 Oct 2004, Scott Mayo wrote:
configure.in:: warning: AC_TRY_RUN called without default to allow cross
compiling.
It then said that bootstrapping was complete. Are these warnings alright?
Yes.
Regards
Henrik
On Thu, 21 Oct 2004, Scott Mayo wrote:
After reading more about this, I assume that I need to actually go to
http://ftp.gnu.org/gnu/autoconf/ and download the correct version of
autoconf. Is downgrading to autoconf 2.13 going to effect anything else in
my system? I am running Fedora 2.
Fedora
On Thu, 21 Oct 2004, Scott Mayo wrote:
I got to looking and there is actually only 1 major issue I guess. The
others say that something is deprecated and discouraged.
Can't find autoconf version 2.13
trying version 2.59
Squid-2.5 needs autoconf 2.13. You will also see this warning/error if you
Scott Mayo wrote:
Scott Mayo wrote:
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all
kinds of trouble. I downloaded squid-2.5.STABLE4 and the patch
listed here: http://squid.sourceforge.net/follow_x
l
-Devon
-Original Message-
From: Scott Mayo [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 21, 2004 11:54 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [squid-users] X-Forwarded-For
Scott Mayo wrote:
> Scott Mayo wrote:
>
>> Henrik Nordstrom wrote:
>>
>>&g
Scott Mayo wrote:
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all
kinds of trouble. I downloaded squid-2.5.STABLE4 and the patch
listed here: http://squid.sourceforge.net/follow_xff/ but when I do
Scott Mayo wrote:
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all
kinds of trouble. I downloaded squid-2.5.STABLE4 and the patch
listed here: http://squid.sourceforge.net/follow_xff/ but when I do
the patch and the
Henrik Nordstrom wrote:
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all kinds
of trouble. I downloaded squid-2.5.STABLE4 and the patch listed here:
http://squid.sourceforge.net/follow_xff/ but when I do the patch and
then run bootstrap.sh
On Wed, 20 Oct 2004, Scott Mayo wrote:
I am trying to patch squid with X-Forwarded-For and run into all kinds of
trouble. I downloaded squid-2.5.STABLE4 and the patch listed here:
http://squid.sourceforge.net/follow_xff/ but when I do the patch and then run
bootstrap.sh, I get all kinds of ERR
I am trying to patch squid with X-Forwarded-For and run into all kinds
of trouble. I downloaded squid-2.5.STABLE4 and the patch listed here:
http://squid.sourceforge.net/follow_xff/ but when I do the patch and
then run bootstrap.sh, I get all kinds of ERRORS and WARNINGS. Is there
a newer pat
On Mon, 12 Jul 2004, Marco Berizzi wrote:
> I'm experimenting a problem with a web site because
> X-Forwarded-For is unknown.
If the X-Forwarded-For header says "unknown" then you have set
"forwarded_for off" in squid.conf.
If it is completely missing then you have denied it from header_access.
> > Buhh... sorry: 2.5.STABLE6 compiled from source on Slackware 9.1
> > kernel 2.4.26 gcc 3.2.3 glibc 2.3.2
> >
> Ok, clueless for the moment,but one sanity check,to proof
> that is related to the header_deny,header_access stuff you use
> in squid.conf :
> - if that is not done, is the situa
> Squid version ?
Buhh... sorry: 2.5.STABLE6 compiled from source on Slackware 9.1
kernel 2.4.26 gcc 3.2.3 glibc 2.3.2
> > > However squid.conf.default shows that X-Forwarded-For is
> > > on by default.
>
> > I presume this is not changed in the current squid.conf by
> > setting this parameter to off , for instance ?
>
> No, it is not changed.
>
> > Probably not, you can debug the situation further with :
>
> > However squid.conf.default shows that X-Forwarded-For is
> > on by default.
> I presume this is not changed in the current squid.conf by
> setting this parameter to off , for instance ?
No, it is not changed.
> Probably not, you can debug the situation further with :
>
>
>
> I'm experimenting a problem with a web site because
> X-Forwarded-For is unknown.
>
> However squid.conf.default shows that X-Forwarded-For is
> on by default.
I presume this is not changed in the current squid.conf by
setting this parameter to off , for instance ?
>
> My squid.conf m
I'm experimenting a problem with a web site because
X-Forwarded-For is unknown.
However squid.conf.default shows that X-Forwarded-For is
on by default.
My squid.conf modify only the User-Agent header:
header_access User-Agent deny all
header_replace User-Agent Mozilla/5.0 (X11; U; Linux i686; en
On Tue, 3 Feb 2004, Abdul Khader wrote:
> Hi all,
> I have patched the squid with the X-Forward-For header
> patch.
> But, still no luck. I am still getting 127.0.0.1 in
> access.log.
Is Dansguardian sending a X-Forwarded-For header to Squid?
Have you told Squid to look into the header? (see squ
Hi all,
I have patched the squid with the X-Forward-For header
patch.
But, still no luck. I am still getting 127.0.0.1 in
access.log.
My current setup is Dansguardian -> Squid
Dansguardian is listning on 8080 and squid is
listnening on 3128 on 127.0.0.1. I have enabled ip
forwrding in Dansguardian.
mån 2003-03-17 klockan 18.04 skrev Marc Elsen:
> [EMAIL PROTECTED] wrote:
> >
> > hi, i have the clients, behind them i have squid_A, and behind squid_A i
> > have squid_B.
> >
> > i want that clients IP appear in access.log of squid_B, how i do it?
> >
> > regards.
>
> Drop back question : i
[EMAIL PROTECTED] wrote:
>
> hi, i have the clients, behind them i have squid_A, and behind squid_A i
> have squid_B.
>
> i want that clients IP appear in access.log of squid_B, how i do it?
>
> regards.
Drop back question : is this possible ?
Answer : no
M.
--
'Time is a consequ
hi, i have the clients, behind them i have squid_A, and behind squid_A i
have squid_B.
i want that clients IP appear in access.log of squid_B, how i do it?
regards.
[EMAIL PROTECTED] wrote:
>
> i have the clients, behind then i have a squid , and behind i have another
> proxy (blue coat).
>
> i want that blue coat see the IP of the clients instead of the squid IP,
> but blue coat don`t see the X-forwarded-for parameter.
>
> my question is: is there a
i have the clients, behind then i have a squid , and behind i have another
proxy (blue coat).
i want that blue coat see the IP of the clients instead of the squid IP,
but blue coat don`t see the X-forwarded-for parameter.
my question is: is there another possibility that squid send to blue
Frank Liu wrote:
> I actually tried that a few days ago (see my other post) and it didn't
> work, which made me believe "header_replace" would only work for
> headers set from the client, not for those headers set by squid itself.
>
> Now I re-read the squid.conf, maybe I have to "header_access"
That works! amazing.
I thought "header_access" and "header_replace" only works for
the headers that come from the client. not the ones (like,
X-Forwarded-For) that are set from squid itself. I actually tried
header_replace X-Forwarded-For 1.2.3.4
a few days ago but still got "unknown".
You probab
On Wed, 29 Jan 2003, Henrik Nordstrom wrote:
> Frank Liu wrote:
>
> > 2) is it possible to config quid to send a user defined IP (say
> >the IP of the proxy server itself), rather than "unknown" ?
>
> Should be possible to change the header to say whatever you feel like
> via header_replace.
Frank Liu wrote:
> 2) is it possible to config quid to send a user defined IP (say
>the IP of the proxy server itself), rather than "unknown" ?
Should be possible to change the header to say whatever you feel like
via header_replace.
> on a related one, is it possible to "insert" an customer
That works! amazing.
I thought "header_access" and "header_replace" only works for
the headers that come from the client. not the ones (like,
X-Forwarded-For) that are set from squid itself. I actually tried
header_replace X-Forwarded-For 1.2.3.4
a few days ago but still got "unknown".
btw, if I
1) is it possible to config squid NOT to set this header at all?
I think
header_access X-Forwarded-For deny all
should do.
You can remove it from the source if you feel inclined so. Just do a grep
-r.
Don't have answers to other questions.
Tesla
__
http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.17
talks about this header, and I have some questions:
1) is it possible to config squid NOT to set this header at all?
2) is it possible to config quid to send a user defined IP (say
the IP of the proxy server itself), rather than "unknown" ?
93 matches
Mail list logo