Re: [squid-users] follow x forwarder 2.6 patch doesn't work!!!

From: Juraj Sakala <juraj.sakala@dont-contact.us>
Date: Sat, 29 Mar 2008 22:18:27 +0100

Filippo Micalizzi wrote / napísal(a):
> Juraj Sakala ha scritto:
>> Filippo Micalizzi wrote / napísal(a):
>>> Juraj Sakala ha scritto:
>>>> Filippo Micalizzi wrote / napísal(a):
>>>>> Hi guys,
>>>>> I've successfully installed on my customer one mini linux server
>>>>> with ubuntu
>>>>> 7.10 server edition, in which thanks to squid/ntlm autentication
>>>>> the only
>>>>> the member of internet-users group in Ad could access to the web.
>>>>> Now we
>>>>> would like to introduce a content filtering proxy (Dansguardian)
>>>>> and let it
>>>>> work with squid in order to add the this service. The problem is
>>>>> when squid
>>>>> listen on 127.0.0.1 acl doesn't work anymore and anyone could
>>>>> access to the
>>>>> web. I've read this problem is solved by using a special patch
>>>>> that enable
>>>>> the X-forwarding of ip address of the real client, and that's work
>>>>> again.
>>>>> I've downloaded this patch but every with all version of 2.6 I've
>>>>> got error
>>>>> on compiling (hunk ...FAILED).... Is it possible to get a new
>>>>> working one?
>>>>> I've tried to download a patch for newer version 3.0 stable 1 but
>>>>> it does,'t
>>>>> run..... My squid version is 2.6.STABLE14.
>>>>> Thank you very much everyboady!!!
>>>> You do not need to patch 2.6STABLE14. Just compile with
>>>> --enable-follow-x-forwarded-for.
>>> Hi,
>>> thank you again for your prompt answer....
>>> I've recompile it with this option and I added in my acl this option
>>> as suggested in the patcher's website
>>>
>>> acl localhost src 127.0.0.1
>>> acl my_other_proxy srcdomain .proxy.example.com
>>> follow_x_forwarded_for allow localhost
>>> follow_x_forwarded_for allow my_other_proxy
>>> acl_uses_indirect_client on
>>> delay_pool_uses_indirect_client on
>>> log_uses_indirect_client on
>>>
>>>
>>> but it still doesn't run...
>> for testing purpose try this:
>>
>> follow_x_forwarded_for allow all
>> acl_uses_indirect_client on
>> delay_pool_uses_indirect_client on
>> log_uses_indirect_client on
>>
>> what is in the access.log?
>> Do you have directive forwarded_for on child "my_other_proxy"? Is
>> yours DansGuradian configured for sending header X-Forwarded-For via
>> directive forwardedfor = on and usexforwardedfor=on?
> THANK YOU !!!
> THANKS TO YOUR SUGGESTION I SOLVE THE PROBLEM .... THANK YOU!!
>
:-)
Received on Sun Mar 30 2008 - 04:33:29 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:05 MDT