Hi Peter,
I've seen similar issues with Bluecoat boxes in the past, whereby Squid
receives requests from the Bluecoats and the Bluecoat IP address appears in
the logs.
I'm guessing your pfSense boxes sit in front of your Squid server?
By default, Squid has 'forwarded_for on' which means it will append the
source IP (which to Squid is the IP of the pfSense box) to the
X-Forwarded-For header.
You need to change this option to 'forwarded_for transparent', and ensure
that your pfSense box sets the X-Forwarded-For header.
In your logformat you should also place "%{X-Forwarded-For}>h" so that the
contents of the header are included in the log file.
Hope that helps
Gareth
-----
Follow me on...
My Blog
Twitter
LinkedIn
Facebook
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Enabling-x-forward-address-in-logs-tp4489509p4489658.html
Sent from the Squid - Users mailing list archive at Nabble.com.
