Facundo Vilarnovo wrote:
Zul,
What variables are you referring to? We test setting up the proxy ip on
the IE.
Pointing to port 3128 using http://www.whatsmyipaddress.com, as a result it says it
passes the original source ip address (client's ip), but detects a proxy server. Doing
totally "transparent" with wccp, nothing configured on IE, we get the same
results.
The point is we are still getting the proxy detected. Using variables like via and XFF, the result of using the XFF and via is that passes the client ip address or don't.
While the above is correct...
it's seems to have nothing to do with the problem of the cache being visible or
don't.
...this is not.
Via off XFF off = clients source ip it's shown, proxy detected.
Makes sense. You are still transmitting a X-Forwarded-For header. Just
not populating it with data.
Via on XFF on = clients source ip it's not shown (shows proxy ip), proxy not
detected.
This is a bit of a mystery. Perhaps the script is being tricked by
having a valid XFF and VIA header which don't agree with the client
source address.
Tnxs!
Facundo Vilarnovo
In any case, setting the tag "forwarded_for" to "off" in the squid.conf
file does not prevent its addition by Squid (see
http://www.squid-cache.org/Versions/v2/HEAD/cfgman/forwarded_for.html).
Setting "via off" only prevents the instance of Squid where it is set
from adding its own Via header. Try using...
header_access Via deny all
header_access X-Forwarded-For deny all
...and accessing whatsmyipaddress.com. You might have better luck.
Chris
