Re: [squid-users] Host header forgery policy

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Mon, 14 Jul 2014 21:29:29 +0300

On 07/14/2014 09:23 PM, Edwin Marqe wrote:
> Hi Eliezer,
>
> I understand that, but this is pretty much the point of my e-mail. In
> my company we don't work with servers installed physically here,
> instead, we rent servers to a company. We use 2 nameservers for our
> clients, and the IT company uses others and additionally they don't
> allow to change them and they're restricted to their net... So I don't
> know what else can I do.
It's still not squid related issue...

> We don't have a specific configuration for the google.com DNS entry,
> so I don't really know why Squid says it's pointing to a local
> address.
It's not...
It's only referring to the client address as in 10.10.10.6.

  The address appearing in the log is the local address of the
> client making the request. There's no other redirection nor complex
> iptables rules for this. Any idea?
Indeed there is..
You can do one of two:
- use the IT DNS server
- Force the DNS of the clients on squid

One of the above should be done and if the company do not give you this
you can tell them that it's required to operate squid and if they do not
want to let you use\forward to the DNS server they need to fix the issue
by them-self.
It's pretty simple from one way or another.

Eliezer
Received on Mon Jul 14 2014 - 18:32:17 MDT

This archive was generated by hypermail 2.2.0 : Tue Jul 15 2014 - 12:00:08 MDT