set forwarded_for off On Mon, Apr 30, 2012 at 5:50 PM, Roman Gelfand <rgelfand2@xxxxxxxxx> wrote: > My squid server is behind NATed firewall. When accessing site > www.dnsstuff.com, it reports my ip address as local address of the > client. > > For instance, > > 1. squid server ip is 192.168.1.10 > 2. client accesing the www.dnsstuff.com site via squid server is 192.168.1.101. > > The www.dnsstuff.com reports my ip as 192.168.1.101 instead of wan ip. > > I am using squid 3.19 > > Thanks for your help > > On Mon, Apr 30, 2012 at 9:03 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: >> On 30/04/2012 11:56 p.m., Roman Gelfand wrote: >>> >>> My client access configuration is as follows. >>> >>> always_direct allow all >>> http_access allow all >>> >>> # Squid normally listens to port 3128 >>> http_port 3128 ssl-bump generate-host-certificates=on >>> dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/etc/host.pem >>> >>> url_rewrite_children 64 >>> >>> url_rewrite_program /usr/local/bin/squidGuard -c >>> /usr/local/squidGuard/squidGuard.conf >>> >>> >>> It appears that, when sending ougoing requests, http header is from >>> the original host. I guessing, this is why it is called transparent >>> proxy. >> >> >> There is nothing of transparent proxying in this config. >> * You have ssl-bump decryption of CONNECT requests. >> * You have a re-writer/redirector altering the traffic URLs. >> >> Tranparent means the requests are not altered. >> >> >>> It seems that that causes routing problems. Could you tell me >>> where I am going wrong here. >> >> >> Could you please explain the problem? >> And also give an indication of what Squid version you are talking about >> please. >> >> Amos