ROUTIER Gilles wrote:
>
> Hy,
>
> I would like that Squid presente with @ the IP of the customer when it
> carries out a request.
> Because currently, squid returns its IP to carry out its request what
> poses problems of safety measures.
>
> Exemple :
> The customer is authorized to connect itself with his @ IP to a http
> server.
> When it is connected, the http server receives to it @ IP of Squid and
> returns to him like message: "Refused Access"
>
> Thanks
> Gil
Basically , unavoidable by the nature of using the Squid proxy.
Remote server can use the X-Forwarded-for field added by squid
to the request to add the client ip.
Squid can not presents itself with the ip of the customer, it's an
app. not a network protocol.
Basically, IP based auth. these days is outdated (conceptually).
In today's Internet IP has been turned around into some
kind of Superlan protocol (Nating tricks. e.d.). Make any source IP
in most cases quite irrelevant in the context of app. authentication.
Advise the remote site to use username/pw. authentication, for
instance.
M.
-- 'Love is truth without any future. (M.E. 1997)Received on Tue Nov 04 2003 - 05:34:33 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:05 MST