Juraj Sakala wrote:
Thanks once again for sharing light on this. Do you have any examples
where I can use req_header to detect if my clients have their own proxy
servers?
Any clue, web links or posts will highly be appreciated.
Also is req_header the only option whereby we can detect child proxies?
Or do we also have other options for detecting child proxies?
I googled and found the Follow X-Forwarded-For headers (follow_xff) tag.
Do you have any ideas regarding this?
Yes, X-Forwarded-For headers can be useful. There is same problem as with Via
header - spoofable. In default squid configuration is directive forwarded_for
set to on. It means, that squid forward forwarded-for header to upstrem
proxy. Your squid has to be compilled with --enable-follow-x-forwarded-for
option, and in squid config you need this directives:
follow_x_forwarded_for allow all
acl_uses_indirect_ckient on
log_uses_indirect_client on
Then you can track clients behind child proxy's. But all is depending on child
squid configuration.
Hi Juraj,
Thanks for the update.
I have applied your techniques you describe above. I still have problems
detecting my child proxies. In a layman view, how to I see them in the
first place.
My squid boxes are compiled with the "--enable-follow-x-forwarded-for"
option.
Thanking you...
--
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
http://www.wlink.com.np
