Find the answer to your Linux question:
Results 1 to 4 of 4
I have installed SQUID 3.0.STABLE18. Here is my Setup: LAN -> SQUID -> FIREWALL -> INTERNET The FIREWALL stores logs of all LAN users activity (such as ports blocked etc). ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined! visham's Avatar
    Join Date
    Mar 2010
    Posts
    2

    Red face SQUID - Keep the Original IP of LAN Users


    I have installed SQUID 3.0.STABLE18.

    Here is my Setup:

    LAN -> SQUID -> FIREWALL -> INTERNET

    The FIREWALL stores logs of all LAN users activity (such as ports blocked etc). But now SQUID is ON, I do not get the log for each user, instead I get the IP of the SQUID box in the logs.

    I set: forwarded_for on, but no change in the logs.

    I want to keep the IP of the LAN user so that it is correctly logged in the firewall. Is there away to do this?


    Thanks for any help
    Last edited by visham; 03-04-2010 at 05:19 AM. Reason: Typo

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    that kind of defeats the purpose of the proxy, as the proxy fetches the data on behalf of the client
    linux user # 503963

  3. #3
    Just Joined! visham's Avatar
    Join Date
    Mar 2010
    Posts
    2
    Yeah, you are right!
    my concern is the logs in the FIREWALL. And also some rules set on the firewall (per IP) is not applied to the LAN users as only 1 IP is detected

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    then maybe you should consider placing the proxy on the other side of the firewall, like a border router/proxy server. but you if you are planning on enforcing content filtering it will be hard, as the proxy will only see one IP address coming at it. as far as setting it up to where computer1 can access forbidden sites while computer2 cannot.
    linux user # 503963

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •