[squid-users] source address ip spoofing
Hello Squid Dev. Team and Users, I need your advice on a Squid deployment scenario. We have deployed on our network a physical machine with Squid 2.7 listening on port 8080. Proxy Auto-Discovery on our users browsers is able to get activated by a wpad.dat file which transparently redirects our users HTTP requests to our Proxy Server. The way our Proxy Server works now is by hiding the IP address of users getting directed to our machine. Question is... can we have our Proxy Server working in the same deployment scenario but doing Source IP Address Spoofing and making content requests that do not hide users IP(s)? Thank you, Julian -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/source-address-ip-spoofing-tp4667417.html Sent from the Squid - Users mailing list archive at Nabble.com.
Re: [squid-users] source address ip spoofing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/08/2014 7:28 a.m., Julian wrote: Hello Squid Dev. Team and Users, I need your advice on a Squid deployment scenario. We have deployed on our network a physical machine with Squid 2.7 listening on port 8080. Proxy Auto-Discovery on our users browsers is able to get activated by a wpad.dat file which transparently redirects our users HTTP requests to our Proxy Server. The way our Proxy Server works now is by hiding the IP address of users getting directed to our machine. Question is... can we have our Proxy Server working in the same deployment scenario but doing Source IP Address Spoofing and making content requests that do not hide users IP(s)? The clients original IP is transmitted in the X-Forwarded-For HTTP header by default. Unless your proxy admin has configured that header to be deleted or off your appliction should be able to find it there. http://www.squid-cache.org/Doc/config/forwarded_for/ Amos -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJT/qEWAAoJELJo5wb/XPRjHGgH/j/UPCkhYft8jpsvEDd9JBH0 r220fBdx+ixw6EnKyhFKV9lt95tSOlm6x4lmEwg1fwl+5oqobHP6/qYansUKHiiG ucFq6MIWArC2NBuKubD11yLlbaAV4KDeY8kmwKbqQxnOUQ5bYkkbf09hpREBXtKs oXq5/IUUhWe0/Kl8orRiJkwITZwiNNVFUsXZKCkdlHB8Wx6rfjmv+llEgUcfwQn/ OIdBXw3GFsp+YyFFgACIMV5kuygZheO4dZY7PRzYM8FwpIclmpubu2GDk8Pql1Tj L3IsryG34MjQRp6UVpVvcmOUAIZ0V1MhZOKpztZfy4Bbs6UrjnjzbuQK/bTLCFA= =frAw -END PGP SIGNATURE-