Jason Healy wrote:
We've used a few different Squid setups over the years, from a
vanilla setup to a transparent interception proxy, to a fully
transparent tproxy.
We're now using DansGuardian to keep tabs on our users (we don't
block; we just monitor). This is good, but unfortunately it doesn't
appear to be compatible with tproxy (DG only understands interception
or regular proxying).
Does anyone know of a way to use DG as an interception proxy, but
configure Squid to use the "real" client IP address in its outgoing
requests? I have no idea if this is possible since it would be quite
a mess of different proxy schemes (DG would be interception-based
using routing, Squid would use X-Forwarded-For to get the real IP,
and then tproxy to make the request using the client address).
It was not safe to do that when I first added TPROXY. XFF as been
improved since so the risk is now much lower but still present. I'll
consider it for a future release.
Alternately, does anyone know of a good web monitoring product that
works in a "sniffer" mode so I don't need to insert it inline? I
basically would like to use tproxy, but also need to log users who
are going to naughty sites...
From what I understand of your requirements you don't actually need DG
or anything but Squid alone. Squid can log in any format you choose to
configure. If there is anything it does not yet log we'd be interested
in hearing about that.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
Current Beta Squid 3.1.0.18
