On 20.06.2012 22:40, Josef Karliak wrote:
Hi there,
we use Kemp loadbalancer for balancing proxy (active-backup). All
users has set IP of kemp loadbalancer. But in the squid access_log is
IP of the loadbalancer, I want there an IP of the user that is
accessing the web pages (we use webalizer for analyzing top browsing
users).
My logformat defined in squid.conf:
logformat combined %>a %ui %un [%{%d/%b/%Y:%H:%M:%S +0000}tl] \
"%rm %ru HTTP/%rv" >Hs %<st "%{Referer}>h" "%{User-Agent}>h"
%Ss:%Sh
Do I've some bad variable in the logformat ?
Your format is accurate.
The kemp load balancer apparently operates in one of two ways:
layer 4, using NAT alteration of packets before delivery to the Squid
box. The real clients addresses are gone. There is no recovery possible.
layer 7, using a proxy which itself makes HTTP requests through Squid.
So it is the one and only *client* to Squid. It *might* be able to set
X-Forwarded-For headers and inform Squid about the clients original IP
address. If so configure:
acl kemp src ... IP of kemp load balancer(s)
follow_x_forwarded_for allow kempID
follow_x_forwarded_for deny all
NOTE: You have the alternative option of active-passive load balancing
in a PAC file which is performed directly in the client browser.
Amos
