Re: [squid-users] Squid 3.1.x and Kemp loadbalancer.

2012-06-20 Thread Amos Jeffries

On 20.06.2012 22:40, Josef Karliak wrote:

Hi there,
  we use Kemp loadbalancer for balancing proxy (active-backup). All
users has set IP of kemp loadbalancer. But in the squid access_log is
IP of the loadbalancer, I want there an IP of the user that is
accessing the web pages (we use webalizer for analyzing top browsing
users).
  My logformat defined in squid.conf:
logformat combined %>a %ui %un [%{%d/%b/%Y:%H:%M:%S +}tl] \
  "%rm %ru HTTP/%rv" >Hs %h" "%{User-Agent}>h" 
%Ss:%Sh


  Do I've some bad variable in the logformat ?



Your format is accurate.

The kemp load balancer apparently operates in one of two ways:

 layer 4, using NAT alteration of packets before delivery to the Squid 
box. The real clients addresses are gone. There is no recovery possible.


 layer 7, using a proxy which itself makes HTTP requests through Squid. 
So it is the one and only *client* to Squid. It *might* be able to set 
X-Forwarded-For headers and inform Squid about the clients original IP 
address. If so configure:


  acl kemp src ... IP of kemp load balancer(s)
  follow_x_forwarded_for allow kempID
  follow_x_forwarded_for deny all



NOTE: You have the alternative option of active-passive load balancing 
in a PAC file which is performed directly in the client browser.



Amos



[squid-users] Squid 3.1.x and Kemp loadbalancer.

2012-06-20 Thread Josef Karliak

  Hi there,
  we use Kemp loadbalancer for balancing proxy (active-backup). All  
users has set IP of kemp loadbalancer. But in the squid access_log is  
IP of the loadbalancer, I want there an IP of the user that is  
accessing the web pages (we use webalizer for analyzing top browsing  
users).

  My logformat defined in squid.conf:
logformat combined %>a %ui %un [%{%d/%b/%Y:%H:%M:%S +}tl] \
  "%rm %ru HTTP/%rv" >Hs %h" "%{User-Agent}>h" %Ss:%Sh

  Do I've some bad variable in the logformat ?
  Thank you very much and best regards
  J.Karliak

--
Ma domena pouziva zabezpeceni a kontrolu SPF (www.openspf.org) a
DomainKeys/DKIM (with ADSP) . Pokud mate problemy s dorucenim emailu,
zacnete pouzivat metody overeni puvody emailu zminene vyse. Dekuji.
My domain use SPF (www.openspf.org) and DomainKeys/DKIM (with ADSP)
policy and check. If you've problem with sending emails to me, start
using email origin methods mentioned above. Thank you.


This message was sent using IMP, the Internet Messaging Program.



biny5iAWtCFdJ.bin
Description: Veřejný PGP klíč