Hello all, First of all, I'd like to thank Reyk, Pierre-Yves and OpenBSD for this fantastic piece of software, alongside pf. SSL inspection was a total breeze, and my current test installation is working perfectly. I've configured relayd to act as a forward proxy for basic URL filtering using blacklists, in order to replace my current Squid installation.
That said: I'd like to configure relayd to apply different blacklist filters depending on the connecting client. So, for example, a more complete blacklist would be applied against an unprivileged user, and a more lenient blacklist is applied against an administrative user. I figured I'd use 'match header' to accomplish that task, but it doesn't seem the client IP is present on HTTP headers (as expected). I've read the manpage and didn't find a suitable filter, so I ask: is there a way to filter by $REMOTE_ADDR (i.e. client address)? One alternative I've devised is to make relayd listen on two different ports, each with its respective filter, and redirect from pf depending on the originating address, but that'd result in a very verbose configuration file, I think. Thanks in advance for your help. Regards, fbscarel
