>> Is it possible to apply 'forwarded_for' directive on acl, like:
>> acl somewhere_someone dst ip-address/netmask
>> forwarded_for allow somewhere_someone
>>
M> We can do this with "tcp_outgoing_aaddress TAG"
Unfortunately tcp_outgoing_address TAG does not approach
He serves absolutely for other purposes.
It is necessary, that (for predefined destination addresses only),
HTTP protocol was substituted with kludge of the source address,
that does forwarded_for...
For example:
user (10.0.0.1) -> GW -> target_service (100.200.0.1 : 80) comes as GW, but X_HTTP_FORWARDED_FOR = 10.0.0.1
user (10.10.0.1) -> GW -> other_service (200.100.0.1 : 80) comes as GW and X_HTTP_FORWARDED_FOR = unknown
where GW - means gateway where squid is installed
-- Dmitry Shukaylo mailto:aaaee2@is.lg.uaReceived on Tue Sep 07 2004 - 00:24:23 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT