On 1/16/20 9:59 AM, robert k Wild wrote: > i have two proxies (one sibling going to a parent) FYI: "siblings" are proxies that fetch hits from each other. The proxy "going to the parent" is usually called a "child" proxy: clients -> child -> parent -> servers > when i look at the parent proxy access logs, it just logs the ip address > of the sibling proxy > > if i add the lines below in my sibling proxy > > acl localhost src 127.0.0.1 > acl my_other_proxy srcdomain .proxy.example.com > follow_x_forwarded_for allow localhost > follow_x_forwarded_for allow my_other_proxy > > when i next look at the logs, will it show the ip of my clients? No, it will not (by default) AFAICT. For the parent proxy logs to contain IP addresses of the clients, a) The child proxy must send the X-Forwarded-For header to the parent. b) The parent proxy must trust X-Forwarded-For received from the child (as far as logging is concerned). Your configuration changes at the child proxy do neither (a) nor (b). IIRC, (a) will happen by default, while (b) requires follow_x_forwarded_for and log_uses_indirect_client rules at the parent proxy. I did not review your follow_x_forwarded_for rules. The follow_x_forwarded_for rules at the child proxy are needed if and only if you want the child proxy to trust the X-Forwarded-For headers received by that child proxy (from its clients). That is only necessary in deeper hierarchies: clients -> child1 -> child2 -> parent Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users