On 19/05/2012 9:05 a.m., Thomas van Graan wrote:
> Hi all.
>
> I have Squid 3.0 running on an Ubuntu 10.04.3 LTS (64-bit).
> Straightforward. No funnies caching proxy.
> Scenario roughly: Network -> Proxy -> Firewall -> Main ISP.
> Problem is short and sweet: Currently the Firewall sees traffic as
> coming from the proxie's IP. Client wants to see the originating
> customer IP at Firewall level as some need has arisen to do some
> bandwidth control on the firewall. Can this be done and if so can
> somebody help?
Option 1) configure "forwarded_for on" (default) in squid.conf
* consult your firewall configuration on how it parses HTTP and
interprets the X-Forwarded-For header.
Option 2) upgrade to Squid-3.1 and use TPROXY.
* adding to the network all the problems of interception proxy
Option 3) consult more on what the policies are and see if Squid QoS
features are able to mark the traffic as needed by those policies.
Amos
Received on Sun May 20 2012 - 00:17:38 MDT
This archive was generated by hypermail 2.2.0 : Sun May 20 2012 - 12:00:03 MDT