cahce_peer_access and x-forwarded-for

Hello,

I have problems with directive cache_peer_access and x-forwarded-for
header. ACLs (type src) in cache_peer_access don't match for indirect
client IP address and it makes me a lot of problems with forwarding
requests to parent caches. I think it is not bug but normal behavior so I
have decided to send mail to this mailing list. Nobody from squid-users
mailing list has answered me so I solved this problem mayself alone.

I have added some rows to neigbors.c to peerAllowedToUse function and now
it works:

peerAllowedToUse(const peer * p, request_t * request)
{
...
    if (p->peer_domain && 0 == do_ping)
        return do_ping;
    if (p->access == NULL)
        return do_ping;
    memset(&checklist, '\0', sizeof(checklist));
/*ADDED*/
#if FOLLOW_X_FORWARDED_FOR
        if (Config.onoff.acl_uses_indirect_client) {
        checklist.src_addr = request->indirect_client_addr;
        } else
#endif /* FOLLOW_X_FORWARDED_FOR */
/*END ADDED*/
    checklist.src_addr = request->client_addr;
    checklist.my_addr = request->my_addr;
    checklist.my_port = request->my_port;
    checklist.request = request;
...
}

Cache_peer_access now uses indirect client IP address. I am not programer
so I maybe made a mistake.

Please can you include this feature to next release of squid if possible?
I think it is useful feature for all users, isn't it?

Many thanks

Regards
Juraj Sakala
Received on Wed Mar 14 2007 - 14:18:33 MDT