[squid-users] Finding real remote address

From: Tony Spencer <tony@dont-contact.us>
Date: Sat, 15 Oct 2005 07:59:18 +0100

I have users coming into our network over an L2TP tunnel who are assigned an IP
address and then are directed through our squid servers via an LVS.
My problem is that the squid access log shows the requests coming from the
IP address of the L2TP tunnel but I want it to tell me what the remote user's
IP address is.

My setup is as follows:

      User (IP: 10.0.0.2)
        |
        |
L2TP Tunnel (IP: 192.168.0.2)
        |
        |
      LVS (IP: 192.168.0.4)
       |
       |
 Squid Server (IP: 192.168.0.6)

Squid shows the requests from 192.168.0.4 (LVS ip).
I've created a script that shows all variables via a CGI script:

#####
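#!/usr/bin/perl
# Debug CGI: dump every environment variable the web server passes in.

use strict;
use warnings;
use CGI;

my $page = CGI->new;

print $page->header, $page->start_html;
foreach my $key (sort keys %ENV)
{
  # Escape values: request headers such as HTTP_* are client-controlled.
  print $page->escapeHTML("$key = $ENV{$key}"), "<P>";
}
print $page->end_html;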
#####

And it shows the following info:

HTTP_X_FORWARDED_FOR = 192.168.0.2 (tunnel)
REMOTE_ADDR = 192.168.0.4 (LVS)
SERVER_ADDR = 192.168.0.4 (LVS)
SERVER_NAME = 192.168.0.2 (tunnel)

But never shows the user's IP.

The reason I need this is because we use squidguard to filter access to
certain web sites and some users might need to see these blocked sites. So
we have a script that they can access to turn off the filtering for them for
a short time. It determines their IP address and rebuilds the
squidguard.conf file allowing their IP to bypass the squidguard filtering.
However all it's doing at the moment is allowing the tunnel IP to bypass the
filtering which means everyone is unfiltered.
I don't want to add the IPs into the squidguard.conf file and leave them
there as there are so many users it would be an admin nightmare.

It must be possible because if I run squid on the server terminating the
tunnel and use that to request pages via, it shows the real IP address and
not the tunnel IP.

Anyone got any ideas?

Thanks in advance.
Tony
Received on Sat Oct 15 2005 - 00:59:55 MDT
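
The check a bypass script like the one described above would need before writing an address into squidguard.conf, as an added example that is not part of the original post: it trusts X-Forwarded-For only when the connection comes from a known hop, and refuses when the only addresses visible are ones shared by every tunnel user. The `%OUR_HOPS` table, the helper names `resolve_client` and `bypass_decision`, the IPv4-only pattern and the sample requests are assumptions built from the addresses in the diagram.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumption: hops we operate ourselves, taken from the diagram in the post.
my %OUR_HOPS = (
    '192.168.0.4' => 'LVS',
    '192.168.0.2' => 'L2TP tunnel endpoint',
);

# Hypothetical helper: return the address a per-user bypass may be keyed on,
# or nothing when only our own infrastructure addresses are visible.
sub resolve_client {
    my ($remote_addr, $xff) = @_;
    # A peer that is not one of our hops can put anything in the header,
    # so ignore the header and use the connection address itself.
    return $remote_addr unless $OUR_HOPS{$remote_addr};
    my @hops = grep { length } split /[\s,]+/, ($xff // '');
    # Walk right to left: the rightmost entries were appended by our hops.
    for my $hop (reverse @hops) {
        return unless $hop =~ /^\d{1,3}(?:\.\d{1,3}){3}$/;   # malformed entry
        return $hop unless $OUR_HOPS{$hop};
    }
    return;   # every visible address is shared by all tunnel users
}

# Hypothetical policy: deny rather than key a bypass on a shared address.
sub bypass_decision {
    my ($remote_addr, $xff) = @_;
    my $client = resolve_client($remote_addr, $xff);
    return ('deny', 'only shared infrastructure addresses visible')
        unless defined $client;
    return ('allow', $client);
}

# Constructed sample requests: [REMOTE_ADDR, X-Forwarded-For]
my @samples = (
    ['192.168.0.4', '192.168.0.2'],            # values reported in the post
    ['192.168.0.4', '10.0.0.2, 192.168.0.2'],  # hypothetical: user hop recorded
    ['203.0.113.9', '10.0.0.2'],               # header from an untrusted peer
);
for my $s (@samples) {
    my ($verdict, $detail) = bypass_decision(@$s);
    printf "%-12s xff=%-24s %s: %s\n", $s->[0], "'$s->[1]'", $verdict, $detail;
}
```

With the header values reported in the post the decision is a deny, because 192.168.0.2 stands for every tunnel user at once; the third sample shows that a header supplied by an unknown peer has no effect on which address is used.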