First, thanks for the reply!
In message <3BED10E1.B90EF19E@squid-cache.org>
Henrik Nordstrom <hno@squid-cache.org> wrote:
> Daniel Barron wrote:
>
> > a) modify the log setting so that it logs the results from an XFF entry
> > and this can be in addition or in replacement for the source ip entry.
>
> Requires changes to the C code. You are welcome to add the code required,
> but please keep in mind that headers can easily be forged so the header
> should not be seen as more than advisory.
The sort of environment I would want to use it in is schools (generally with
young children) so forged HTTP headers would not be an issue ;)
If I were to add the code required, is it likely to ever be incorperated into
the main tree? The reason I ask is that as each new version of squid comes
out I would need to repatch and recompile and I think that this feature would
actually be really useful for some people, not just me.
>
> > b) set up ACLs according to the X-Forwarded-For header value.
> >
> > How do I do this? I've looked at the FAQ and not found the answer and
> > had a look at quite a few mailing list archive entries with the word
> > 'forwarded' in and not found the answer. Infact this is how I came to
> > this email that is quoted. I've also looked at the squid.conf and not
> > seen a way to do this. Also the ACL information in the FAQ suggests that
> > b) is impossible.
>
> This too requires changes to the C code, but not very much.
Again, the same question.
Thanks for your time.
-- Daniel BarronReceived on Thu Nov 15 2001 - 10:19:05 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:15 MST