Then it's not pfSense, but Squid doing that! Squid is a separate package and not part of pfSense. (I do know what Squid is as I built and administer a squid server for a customer)
Lyle Moshe Katz wrote: > Lyle, > > The original poster is correct that pfSense is publishing that data > if/when squid is used. Squid can add headers that contain the private > IP of the computer that originated the request. In the pfSense Squid > package, the setting to send these headers is set ON by default. > > I had the same issue with one of my locations, where the site owner > wanted a SquidGuard filter set up. It was a slightly complicated > setup and I did a lot of testing using web sites that I run and then > saw a lot of private IP addresses in my site access logs. > > As I understand it, this feature of Squid is used primarily when Squid > is set up as a reverse cache (i.e. in front of a web server). In that > case, the web server sees all traffic coming from the proxy's IP > address and uses the additional header(s) to find out where the > traffic really came from so it can apply access rules and do logging > with the actual source IP. > > Moshe > > ------------------------------ > Moshe Katz > KatzNet Computers > -- [email protected] <mailto:[email protected]> > -- +1(301)867-3732 > > > > On Sun, Nov 7, 2010 at 8:33 PM, Lyle Giese <[email protected] > <mailto:[email protected]>> wrote: > > slamp slamp wrote: > > http://checkip.dyndns.org/ > > > > how is this possible? i am behind a standard install of pfSense > > 1.2.3-RELEASE which means i am NAT'd. how is pfsense publishing my > > private IP? > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > <mailto:[email protected]> > > For additional commands, e-mail: [email protected] > <mailto:[email protected]> > > > > Commercial support available - https://portal.pfsense.org > > > > > What makes you think pfSense is publishing that data? I have seen a > java script trick to get the end computer to report it's ip > address(which can be behind a NAT and can be a private ip address(like > 192.168.x.x). > > When I check that url, it displays my public ip address that's on the > WAN side of pfSense here. But since I am connecting to their > webserver > via a TCP connection on port 80, they should know the public ip > address > I am connecting from. It's part of how TCP/IP works. > > Lyle Giese > LCR Computer Services, Inc. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > <mailto:[email protected]> > For additional commands, e-mail: [email protected] > <mailto:[email protected]> > > Commercial support available - https://portal.pfsense.org > >
