[squid-users] How to know the origin port of a user HTTP request from Geoffroy ARNOUD on 2006-01-12 (squid-users)

From: Geoffroy ARNOUD <geoffroy.arnoud@dont-contact.us>
Date: Thu, 12 Jan 2006 10:48:51 +0100

Hi All,

I have a question regarding a Squid-Cache acting both as proxy and as
transparent-proxy.

I have set up my Squid-Cache and it works well, with a simple redirector I
wrote. I have a router that takes all HTTP traffic and forwards it to my
squid, for all types of request (proxy and non-proxy).
My redirector checks if the requested URL is allowed. If not it requests a
302 redirection to a Web server. Up to this point, nothing is difficult.

In the case of users using a Web Proxy, my web server receives their request
through Squid. The web server runs a web application that needs the true IP
address of the user. I think that I can get it from the "X-Forwarded-For"
HTTP header, that is set by Squid-Cache.
But my web application also needs the original source port of the request,
from the user PC. Let me explain what happens, and what I need:

A user PC (ORIG_IP) sends a HTTP request to my web application from its
browser. Browser is set to use a proxy (say it's set to 10.11.12.13:8080).
The request is sent from TCP port ORIG_PORT from the PC.
My main router intercepts the user's traffic and forwards it to Squid-Cache
(SQUID_IP:SQUID_PORT).

From network point of view, Squid-Cache sees a HTTP request from
ORIG_IP:ORIG_PORT to SQUID_IP:SQUID_PORT.
From network point of view, the user's PC sees a HTTP request gtom
ORIG_IP:ORIG_PORT to 10.11.12.13:8080.

Squid-Cache which proxies the request to my Web Application. Squid adds
"X-Forwarded-For=IP_ORIG" in the HTTP request. As I tell above, my web
application needs to know the value of ORIG_PORT.

So my question is: does anyone know how I can ask squid to provide it to my
webapp? in another HTTP header? With "X-Forwarded-For=ORIG_IP:ORIG_PORT"?

I am sorry if it is a bit long, but I not very good at sumarizing.

Thank you in advance.
Geoffroy

This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
Received on Thu Jan 12 2006 - 02:49:21 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST