Henrik Nordstrom wrote:
On mån, 2007-07-30 at 23:55 +0545, Tek Bahadur Limbu wrote:
I have applied your techniques you describe above. I still have problems
detecting my child proxies. In a layman view, how to I see them in the
first place.
If you are lucky the child proxies add X-Forwarded-For or Via headers,
which you can detect using the req_header acl.
But many such proxies do not want to be found (and it's trivial to hide
these using Squid), and you then have to use statistics based on the
access patterns to guess when there is more than one user on the same
client IP.
Hi Henrik,
Pardon me on this but how do I actually use the req_header ACL type? I
am little confused with it's syntax.
For example, let's suppose those who are operating child proxies are
naive and their child proxies do add the X-Forwarded-For headers in the
following scenario:
192.168.0.0/24 are my proxies
192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24 are my normal customers
Now my smart customers using child proxies can be from anywhere between
192.168.1.1 to 192.168.3.254.
How do I detect and stop them from operating child proxies.
I would really appreciate your help on this matter.
This issue has been bugging me for some time now!
Thanking you...
Regards
Henrik
--
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
http://www.wlink.com.np
