On Tue, 4 Nov 2003, ROUTIER Gilles wrote:
> Hy,
>
> I would like that Squid presente with @ the IP of the customer when it
> carries out a request.
It does, but not all web sites know about proxies or how to get the users
IP address on requests forwarded via proxies (X-Fowarded-For request
header). This header is good for logging and auditing purposes, but should
not be used for security purposes unless you (the web server
administrators) fully trust the proxy you (the web server) got this
request from.
> The customer is authorized to connect itself with his @ IP to a http
> server.
Then he must not use a proxy, or arrange with the administrators of the
server in question to have your proxy authorized to connect to the server,
maybe in combination with the above.
> When it is connected, the http server receives to it @ IP of Squid and
> returns to him like message: "Refused Access"
Correct, as the request is not coming from the authorized customer but
your proxy, and your proxy is not the customer. This is per definition of
being a proxy.
Regards
Henrik
Received on Tue Nov 04 2003 - 08:45:37 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:05 MST