Jian Wang wrote:
Hi, all, Recently, we used Squid redirectors to solve an application problem.
Better to fix the application problem than to hack around it with complication.
Our redirectors are checking incoming requests against a database table to see if this IP has already accessed Squid--redirect only if ip is not in database. We now have the concern that it may cause problem when applying our application to a NATed or PATed network. In those networks, private IP addresses are not seen from the upper level router(on where our Squid is sitting). Therefore, it seems to be not possible for us make our redirectors work as expected. In our application, we don't want to use any user name + password for access authentication, our situation is that everyone is authorized. In the Squid redirector input string, we can only get IP address(plus FQDN at most, which doesn't help at all). Is there a way for Squid to solve this problem?
Try ACL, up to and including custom external_acl_type. They can check based on just about anything you like and permit/deny redirection via url_rewrite_access.
Amos -- Please use Squid 2.7.STABLE3 or 3.0.STABLE7
