Search squid archive

Re: ACL based on XFF

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2/04/2012 7:15 p.m., Sekar Duraisamy wrote:
Hello All,

Can create an ACL based on XFF?

Yes.

Now what do you mean by "based on"?

Since the squid placed  after the loadbancer, it will send the XFF and
LB ip as source ip for all the request. So I want to put ACL based on
XFF.

Is this possible?

This is the purpose of XFF header and the follow_x_forwarded_for directive.

This config:
  acl LB src <your LB IP address>
  follow_x_forwarded_for allow LB
  follow_x_forwarded_for deny all

With the LB setting the XFF header correctly the above will make Squid see and use the IP of clients on other side of the LB.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux