[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Internal IP Address Detection Through NAT

On Wed, 2004-12-08 at 14:34, messmate wrote:
> >This is correct.  Squid by default includes a "X-Forwarded-For: header
> >on each HTTP request showing the original requesting IP address.  This
> >can be disabled in squid.conf with "forwarded_for off".
> >
> Sorry, not correct. I'm behind my squid and forwarded on or off the
> header is there !
the X-Forwarded-For header is present whether you set the
"forwarded_for" directive to "on" or "off"--the difference is that with
it set to "off" the header reads:
        X-Forwarded-For: unknown\r\n
which would rule it out as the source of the IP leak that the OP is
asking about.
you can also control what is shown in the Via header by setting the
"visible_hostname" directive.  again--ruling out squid as the source of
the leak...
oh--and if the "Via: " header bugs you:
        header_access Via deny all
works without and recompile...  as does:
        header_access X-Forwarded-For deny all
"Oh, so they have internet on computers now!"
	--The Simpsons