Re: [squid-users] Detecting and blocking child proxy servers

From: Juraj Sakala <[email protected]>
Date: Fri, 27 Jul 2007 07:36:31 +0200

> Thanks once again for sharing light on this. Do you have any examples
> where I can use req_header to detect if my clients have their own proxy
> servers?
>
> Any clue, web links or posts will highly be appreciated.
>
> Also is req_header the only option whereby we can detect child proxies?
> Or do we also have other options for detecting child proxies?
>
> I googled and found the Follow X-Forwarded-For headers (follow_xff) tag.
> Do you have any ideas regarding this?

Yes, X-Forwarded-For headers can be useful. There is same problem as with Via
header - spoofable. In default squid configuration is directive forwarded_for
set to on. It means, that squid forward forwarded-for header to upstrem
proxy. Your squid has to be compilled with --enable-follow-x-forwarded-for
option, and in squid config you need this directives:
follow_x_forwarded_for allow all
acl_uses_indirect_ckient on
log_uses_indirect_client on

Then you can track clients behind child proxy's. But all is depending on child
squid configuration.
Received on Thu Jul 26 2007 - 23:36:42 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:04 MDT