On 16/01/18 05:26, Bruce R wrote:
Is it possible to configure Squid to log the details of the PROXY protocol when using it? We're running Squid 3.5.20 in AWS behind a TCP load balancer, which supports forwarding the PROXY protocol header. I'd like to be able to include the client IP as provided in the PROXY protocol header, but I'd be happy to log the entire header as well if necessary. I've spent some time searching for information on this but haven't had any luck so far.
When the PROXY protocol is received the details it supplies replace the TCP connection supplied values. That means everything in Squid dealing with client-IP or port displays or uses the PROXY values.
In squid.conf add the option "require-proxy-header" on the http_port you are receiving traffic from the LB. It is then important that you prevent traffic arriving from anywhere else than trusted sources. It is left to you to configure your firewall appropriately.
If you really want to see PROXY happening it is recorded in cache.log with "debug_options 33,5"
Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users