Results 1 to 4 of 4
I have installed SQUID 3.0.STABLE18.
Here is my Setup:
LAN -> SQUID -> FIREWALL -> INTERNET
The FIREWALL stores logs of all LAN users activity (such as ports blocked etc). ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 03-04-2010 #1Just Joined!
- Join Date
- Mar 2010
- Posts
- 2
SQUID - Keep the Original IP of LAN Users
I have installed SQUID 3.0.STABLE18.
Here is my Setup:
LAN -> SQUID -> FIREWALL -> INTERNET
The FIREWALL stores logs of all LAN users activity (such as ports blocked etc). But now SQUID is ON, I do not get the log for each user, instead I get the IP of the SQUID box in the logs.
I set: forwarded_for on, but no change in the logs.
I want to keep the IP of the LAN user so that it is correctly logged in the firewall. Is there away to do this?
Thanks for any helpLast edited by visham; 03-04-2010 at 04:19 AM. Reason: Typo
- 03-04-2010 #2Linux Enthusiast
- Join Date
- Jan 2010
- Location
- Western Kentucky
- Posts
- 626
that kind of defeats the purpose of the proxy, as the proxy fetches the data on behalf of the client
linux user # 503963
- 03-04-2010 #3Just Joined!
- Join Date
- Mar 2010
- Posts
- 2
Yeah, you are right!
my concern is the logs in the FIREWALL. And also some rules set on the firewall (per IP) is not applied to the LAN users as only 1 IP is detected
- 03-04-2010 #4Linux Enthusiast
- Join Date
- Jan 2010
- Location
- Western Kentucky
- Posts
- 626
then maybe you should consider placing the proxy on the other side of the firewall, like a border router/proxy server. but you if you are planning on enforcing content filtering it will be hard, as the proxy will only see one IP address coming at it. as far as setting it up to where computer1 can access forbidden sites while computer2 cannot.
linux user # 503963
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
