On 19/05/2012 9:05 a.m., Thomas van Graan wrote:
Hi all.
I have Squid 3.0 running on an Ubuntu 10.04.3 LTS (64-bit).
Straightforward. No funnies caching proxy.
Scenario roughly: Network -> Proxy -> Firewall -> Main ISP.
Problem is short and sweet: Currently the Firewall sees traffic as
coming from the proxie's IP. Client wants to see the originating
customer IP at Firewall level as some need has arisen to do some
bandwidth control on the firewall. Can this be done and if so can
somebody help?
Option 1) configure "forwarded_for on" (default) in squid.conf
* consult your firewall configuration on how it parses HTTP and
interprets the X-Forwarded-For header.
Option 2) upgrade to Squid-3.1 and use TPROXY.
* adding to the network all the problems of interception proxy
Option 3) consult more on what the policies are and see if Squid QoS
features are able to mark the traffic as needed by those policies.
Amos
