Re: [squid-users] Fwd: Squid as authentication proxy that doesn't replace source IP addresses

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Mon, 11 Aug 2008 18:00:44 +1200 (NZST)

> Hi there,
>
> I have a squid proxy server that all browsers are configured to use
> and has been working fine for years now. However I now need to be able
> to still use the proxy to authenticate the users (via LDAP) but not
> replace the source IP address as we now have a transparent bridge that
> also logs HTTP connections out on several pipes and allows us to
> provide username mappings for certain (locked down) IP addresses.
> However all requests that come through from the Proxy server have the
> source IP of Squid and I need to be able to see the original source IP
> addresses.
>
> Any help is greatly appreciated.

HTTP does not permit both transparency and authentication.

Your best scenario would be to place the bridge between squid and the
clients.

Amos
Received on Mon Aug 11 2008 - 06:00:47 MDT

This archive was generated by hypermail 2.2.0 : Mon Aug 11 2008 - 12:00:02 MDT