On Wed, 14 Dec 2005, olivier wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hi all,
>
> I recently made a small patch to add the X-Server-IP feature in
> Squid2.5. Basically: send the origin server ip in the ICAP headers
> if it's available from the ip cache.
>
> I've been using it in (pre)production for some weeks now without any
> problems.
>
> Can someone give a look at http://labs.biniou.info/squid-icap-2_5.diff ?
The patch is nice and simple, so I don't have any problems with it.
There is this, however:
+ if (Config.icapcfg.send_server_ip || service->flags.need_x_server_ip)
The Squid admin might believe that setting 'icap_send_server_ip off'
means Squid would never send the IP address to ICAP. But Squid
will in fact send the IP if the ICAP server asks for it.
Its probably not a big deal because most people don't care about
the "privacy" of an origin server IP address. But some might.
I suggest adding a comment to squid.conf to explain that the server
IP address would be sent regardless of the icap_send_server_ip
setting if the ICAP server OPTIONS response says "X-Include:
X-Server-IP"
Otherwise, maybe the logic should be && instead of || ?
Duane W.
Received on Thu Dec 22 2005 - 16:36:08 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:03 MST