[squid-users] Block WebRTC Leak using Squid
Sekar Duraisamy
sekarit at gmail.com
Mon Aug 28 06:25:54 UTC 2017
Hi,
I have tried the below.
via on
forwarded_for delete
visible_hostname localhost
request_header_access User-Agent deny all
But still I am able to see original client local IP address and Client
Public IP address instead of tcp_outgoing_address as original client
IP.
Am i missed anything here?
On Fri, Aug 25, 2017 at 2:11 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 25/08/17 14:00, Sekar Duraisamy wrote:
>>
>> Thanks Amos, Can i use the above configuration even though I am using
>> tcp_outgoing_address in the squid conf?
>>
>> I want to make visible only tcp_outgoing_address only visible to
>> outside and not real client IP.
>>
>
> The second set of directives to hide the client will work.
>
> The first set to hide the proxy are kind of pointless when using a
> proxy-specific IP address / identifier on all traffic out of the proxy.
>
> Amos
>
>
>
>> On Fri, Aug 25, 2017 at 4:11 AM, Amos Jeffries wrote:
>>>
>>> On 25/08/17 03:21, Sekar Duraisamy wrote:
>>>>
>>>>
>>>> I am using http_port 3128 ( direct proxy )
>>>>
>>>
>>> Then:
>>>
>>> # to hide the proxy
>>> via off
>>> forwarded_for transparent
>>>
>>> # to hide the client
>>> via on
>>> forwarded_for delete
>>> request_header_access User-Agent deny all
>>>
>>>
>>> As you may be able to tell from those you cannot hide both at once.
>>>
>>> Amos
>>>
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list