ROUTIER Gilles wrote: > > Hy, > > I would like that Squid presente with @ the IP of the customer when it > carries out a request. > Because currently, squid returns its IP to carry out its request what > poses problems of safety measures. > > Exemple : > The customer is authorized to connect itself with his @ IP to a http > server. > When it is connected, the http server receives to it @ IP of Squid and > returns to him like message: "Refused Access" > > Thanks > Gil
Basically , unavoidable by the nature of using the Squid proxy. Remote server can use the X-Forwarded-for field added by squid to the request to add the client ip. Squid can not presents itself with the ip of the customer, it's an app. not a network protocol. Basically, IP based auth. these days is outdated (conceptually). In today's Internet IP has been turned around into some kind of Superlan protocol (Nating tricks. e.d.). Make any source IP in most cases quite irrelevant in the context of app. authentication. Advise the remote site to use username/pw. authentication, for instance. M. -- 'Love is truth without any future. (M.E. 1997)
