[squid-users] Client IP spoofing via squid proxy

Amos Jeffries squid3 at treenet.co.nz
Fri May 8 16:01:35 UTC 2015


On 9/05/2015 1:56 a.m., Ambadas Hibare wrote:
> Hi Amos,
> 
> It's happening as you said:
> 
> the packets doing this:
>  client -----> Squid -SYN-> server
>  client <-------------ACK-- server
>  client -RST-> Squid 
> 
> There's a firewall in between squid & web server which is directly sending SYN-ACK to client instead of squid.
> 
> But in my requirement, the clients are configured with IP & Port. Is there any possible way/approach by which I can make client IP hide towards web server?
> 
> Any help appreciated


With Squid-3.4 or later:
 <http://www.squid-cache.org/Doc/config/spoof_client_ip/>

set it to "deny all"

Amos



More information about the squid-users mailing list