On Mon, 30 Jul 2007 03:36:08 +0200 Henrik Nordstrom <henrik@henriknordstrom.net> wrote:
> For this you use tcp_outgoing_address combined with policy routing in
> your OS to route the traffic to the right gateway based on the source IP
> set by Squid.
Does it work with follow_x_forwarded_for? I have the following setup:
follow_x_forwarded_for allow localhost
acl our_networks src 192.168.0.0/24 192.168.2.0/24
acl my_ip src 84.32.xx.xx
http_access allow our_networks
http_access allow my_ip
tcp_outgoing_address 81.7.xx.xx my_ip
tcp_outgoing_address 193.219.xx.xx
server_persistent_connections off
If my X-Forwarded-For address is 84.32.xx.xx, outgoing address is 193.219.xx.xx,
while it should be 81.7.xx.xx, right? If I change 2nd tcp_outgoing_address line to
tcp_outgoing_address 81.7.xx.xx
then outgoing adress is 81.7.xx.xx.
If I don't use follow_x_forwarded_for everything works OK. squid-2.6.STABLE13.
After searching a bit, I found http://www.squid-cache.org/bugs/show_bug.cgi?id=1886.
The patch in it is a bit incorrect. The corrected patch is attached and it works with
my setup.
Regards,
Nerijus
This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT