Search squid archive

Re: squid + dansguardian + auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 17 Feb 2010 09:49:03 +0000 (WET), Bruno Santos
<bvsantos@xxxxxxxxxxxxxxxx> wrote:
> X-Copyrighted-Material
> 
> Hi !
> 
> No, i don't have those enabled. I'm using LDAP auth in squid (although
> i've enabled proxy-digest.conf in dansguardian)
> 
> The problem here is the following:
> 
> When the request reaches dansguardian, the machine IP who made the
request
> is correct.
> When dansguardian passes the request to squid, it goes with the local
> machine IP (127.0.0.1) and squid denies the request....
> I've been messing around with the following dansguardian options:
> forwardedfor, usexforwardedfor and originalip
> 
> Any hints ?
> 

!) This is how software chaining at OSI level-7 works.
DG is running on machine at 127.0.0.1, therefore requests coming to Squid
are arriving from ...

With "follow_x_forwarded_for" set in Squid to trust DG on 127.0.0.1 and DG
adding the XFF header properly Squid should be able to locate the real
client IP in there and use that according to all the *_uses_indirect_client
config settings.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux