Lyle, The original poster is correct that pfSense is publishing that data if/when squid is used. Squid can add headers that contain the private IP of the computer that originated the request. In the pfSense Squid package, the setting to send these headers is set ON by default.
I had the same issue with one of my locations, where the site owner wanted a SquidGuard filter set up. It was a slightly complicated setup and I did a lot of testing using web sites that I run and then saw a lot of private IP addresses in my site access logs. As I understand it, this feature of Squid is used primarily when Squid is set up as a reverse cache (i.e. in front of a web server). In that case, the web server sees all traffic coming from the proxy's IP address and uses the additional header(s) to find out where the traffic really came from so it can apply access rules and do logging with the actual source IP. Moshe ------------------------------ Moshe Katz KatzNet Computers -- [email protected] -- +1(301)867-3732 On Sun, Nov 7, 2010 at 8:33 PM, Lyle Giese <[email protected]> wrote: > slamp slamp wrote: > > http://checkip.dyndns.org/ > > > > how is this possible? i am behind a standard install of pfSense > > 1.2.3-RELEASE which means i am NAT'd. how is pfsense publishing my > > private IP? > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > Commercial support available - https://portal.pfsense.org > > > > > What makes you think pfSense is publishing that data? I have seen a > java script trick to get the end computer to report it's ip > address(which can be behind a NAT and can be a private ip address(like > 192.168.x.x). > > When I check that url, it displays my public ip address that's on the > WAN side of pfSense here. But since I am connecting to their webserver > via a TCP connection on port 80, they should know the public ip address > I am connecting from. It's part of how TCP/IP works. > > Lyle Giese > LCR Computer Services, Inc. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > >
