On Tue, 26 Apr 2011 12:55:46 +0000, nickia_at_gmail.com wrote:
> Thanks Amos.
>
> I understand I'm using the reverse mode differently than it was
> intended.
>
> However, what puzzles me is that the reverse mode could pass
> Geolocation check from most sites but not at hulu.com. A transparent
> and forward proxy can pass hulu's test w/o even setting up
> forwarded_for off.
>
> I'm curious what kind of information is it leaking. I checked the
> header and it was perfectly clean; forwarded_for was also off.
The word "leaking" implies information transfer which should not be
happening. As I said reverse-proxy is all about sending *maximum*
information for the backend to work with.
In reverse mode Squid sends everything from its built-in supported
protocols, client IPs, client HTTP version, the port Squid is listening
on. Considerably also the client login credentials, MAC IDs and rDNS
hostname.
I suspect hulu are blocking anything detectable as a proxy. Squid
reverse mode declaring "my proxy protocols, name, and capabilities are
XYZ" is one huge flashing neon signpost that a proxy is being used.
Amos
Received on Tue Apr 26 2011 - 23:36:56 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 27 2011 - 12:00:03 MDT