[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Internal IP Address Detection Through NAT



On Wed, 08 Dec 2004 19:22:53 -0500
Jason Opperisano <[email protected]> wrote:
>On Wed, 2004-12-08 at 14:34, messmate wrote:
>> >This is correct.  Squid by default includes a "X-Forwarded-For:
>header> >on each HTTP request showing the original requesting IP
>address.  This> >can be disabled in squid.conf with "forwarded_for
>off".> >
>> Sorry, not correct. I'm behind my squid and forwarded on or off the
>> header is there !
>
>the X-Forwarded-For header is present whether you set the
>"forwarded_for" directive to "on" or "off"--the difference is that with
>it set to "off" the header reads:
>
>        X-Forwarded-For: unknown\r\n
>
I agree :)
>which would rule it out as the source of the IP leak that the OP is
>asking about.
>
>you can also control what is shown in the Via header by setting the
>"visible_hostname" directive.  again--ruling out squid as the source of
>the leak...
>
>oh--and if the "Via: " header bugs you:
>
>        header_access Via deny all
>        
Tested and works on openbsd without a recompile :)
>works without and recompile...  as does:
>
>        header_access X-Forwarded-For deny all
>
>-j
Thanks
mess-mate