We've used a few different Squid setups over the years, from a vanilla setup to a transparent interception proxy, to a fully transparent tproxy.
We're now using DansGuardian to keep tabs on our users (we don't block; we just monitor). This is good, but unfortunately it doesn't appear to be compatible with tproxy (DG only understands interception or regular proxying). Does anyone know of a way to use DG as an interception proxy, but configure Squid to use the "real" client IP address in its outgoing requests? I have no idea if this is possible since it would be quite a mess of different proxy schemes (DG would be interception-based using routing, Squid would use X-Forwarded-For to get the real IP, and then tproxy to make the request using the client address). Alternately, does anyone know of a good web monitoring product that works in a "sniffer" mode so I don't need to insert it inline? I basically would like to use tproxy, but also need to log users who are going to naughty sites... Thanks, Jason -- Jason Healy | [email protected] | http://www.logn.net/
