The situation is not that bad. The HTTP requests that the SQUID sent
out contains the IP address of the user who started the request. So if
someone want to find the real culprit, one should check the field
HTTP_X_FORWARDED_FOR instead of just REMOTE_ADDR.
Henrik Nordstrom wrote:
>
> You cannot get caching without proxying.
>
> What can theoretically be done is to have the proxy spoof the client IP
> when sending the request, but this is heavy woodo TCP/IP magic which I
> only recommend even considering where the cache runs on the border
> gateway, seeing all traffic.
>
> --
> Henrik Nordstrom
> Squid hacker
>
> Awie wrote:
> >
> > Folks,
> >
> > I have a problem that caused by PROXY feature of Squid. All of HTTP
> > traffic was send and received by IP address of Squid box. So, all of
> > users action (hacking, cracking, etc) are BEHALF on our Squid box.
> > Internet will assume that our Squid machine do the bad job.
> >
> > Our Squid is running in transparent mode by redirecting HTTP traffic
> > to Squid by our Cisco router.
> >
> > Do someone know how to use Squid without PROXY feature? We only need
> > CACHING feature to save our bandwidth (Squid saves our bandwidth for
> > around 20% - 30%). Users will responsible what they do by being
> > detected their own IP address.
> >
> > Your comment, suggestion is very appreciated. Thanks a lot for your
> > help and support
> >
> > Best Regards,
> >
> > Awie
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
-- Regards, Clement -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Wed Jan 17 2001 - 23:45:12 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:29 MST