Squid configuration directive tproxy_uses_indirect_client
History:
- Changes in 3.2 tproxy_uses_indirect_client
-
Controls whether the indirect client address found in the X-Forwarded-For header is used for spoofing instead of the directly connected client address. Requires both --enable-follow-x-forwarded-for and --enable-linux-netfilter
Configuration Details:
| Option Name: | tproxy_uses_indirect_client |
|---|---|
| Replaces: | |
| Requires: | --enable-follow-x-forwarded-for and --enable-linux-netfilter |
| Default Value: | tproxy_uses_indirect_client off |
| Suggested Config: |
|
Controls whether the indirect client address (see follow_x_forwarded_for) is used instead of the direct client address when spoofing the outgoing client. This has no effect on requests arriving in non-tproxy mode ports. SECURITY WARNING: Usage of this option is dangerous and should not be used trivially. Correct configuration of follow_x_forewarded_for with a limited set of trusted sources is required to prevent abuse of your proxy. |
|
Search
Introduction
- About Squid
- Why Squid?
- Squid Developers
- How to Help Out or Donate
- Getting Squid
- Squid Source Packages
- Squid Deployment Case-Studies
- Squid Software Foundation
Documentation
- Configuration:
- FAQ and Wiki
- Guide Books:
- Non-English
- More...
Support
- Security Advisories
- Bugzilla Database
- Mailing lists
- Contacting us
- Commercial services
- Project Sponsors
- Squid-based products
Miscellaneous
- Developer Resources
- Related Writings
- Related Software:
- Squid Artwork