Fw: [SQU] source IP restriction problem

From: Carl Li <zmli@dont-contact.us>
Date: Wed, 15 Nov 2000 12:07:48 +0800

Is there anyone can help me? Can Squid forward client's request with client's original IP ?

thanks!

Carl

----- Original Message -----
From: "Jens-S. Voeckler" <voeckler@rvs.uni-hannover.de>
To: "Carl Li" <zmli@cernet.edu.cn>
Sent: Tuesday, November 14, 2000 6:26 PM
Subject: Re: [SQU] source IP restriction problem

> On Tue, 14 Nov 2000, Carl Li wrote:
>
> ]Thank you sir. You know, we have bought some web database service from
> ]foreign university's library which uses source-IP for authentication. If
> ]we use Squid as a proxy and Squid's IP cannot be authenticated by the
> ]web server, then we will not get the service we bought. It's a critical
> ]problem. So, we want Squid just forward client's request to the web
> ]server without any change to the request's IP address. Can Squid do it
> ]in this way?
>
> This is the n-th time I have heard that some university libraries use IP
> based authentication. Probably some lib thought it is a great idea and
> everylib else followed the Lemmings. IP based authentication is as much a
> quick hack as it is *not* secure. So if everyone pressures their
> respective library services to use a *decent* scheme, supposedly based on
> some secure authentication protocol which is independent of the transport
> protocol, hopefully the issue will die out some day soon.
>
> Your question, though, can better be answered by someone who actually does
> "transparent" things with Squid.
>
> Sigh,
> Dipl.-Ing. Jens-S. Vöckler (voeckler@rvs.uni-hannover.de)
> Institute for Computer Networks and Distributed Systems (RVS)
> University of Hanover, Germany; ++49 511 762 4726
>
>

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Tue Nov 14 2000 - 21:12:43 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:22 MST