Henrik Nordstrom wrote:
> On mån, 2007-07-30 at 23:55 +0545, Tek Bahadur Limbu wrote:
>
>> I have applied your techniques you describe above. I still have problems
>> detecting my child proxies. In a layman view, how to I see them in the
>> first place.
>
> If you are lucky the child proxies add X-Forwarded-For or Via headers,
> which you can detect using the req_header acl.
>
> But many such proxies do not want to be found (and it's trivial to hide
> these using Squid), and you then have to use statistics based on the
> access patterns to guess when there is more than one user on the same
> client IP.
Hi Henrik,
Pardon me on this but how do I actually use the req_header ACL type? I
am little confused with it's syntax.
For example, let's suppose those who are operating child proxies are
naive and their child proxies do add the X-Forwarded-For headers in the
following scenario:
192.168.0.0/24 are my proxies
192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24 are my normal customers
Now my smart customers using child proxies can be from anywhere between
192.168.1.1 to 192.168.3.254.
How do I detect and stop them from operating child proxies.
I would really appreciate your help on this matter.
This issue has been bugging me for some time now!
Thanking you...
>
> Regards
> Henrik
-- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.npReceived on Tue Jul 31 2007 - 02:15:28 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:04 MDT