Keep the Original IP of LAN Users

Discussion in 'Server Operation' started by visham, Mar 4, 2010.

  1. visham

    visham New Member

    Hello, I have installed SQUID 3.0.STABLE18.

    Here is my Setup:

    LAN -> SQUID -> FIREWALL -> INTERNET

    The FIREWALL stores logs of all LAN users' activity (such as ports blocked etc.). But now that SQUID is ON, I do not get the log for each user; instead I get the IP of the SQUID box in the logs.

    I set: forwarded_for on, but no change in the logs.

    I want to keep the IP of the LAN user so that it is correctly logged in the firewall. Is there a way to do this?


    Thanks for any help
     
  2. topdog

    topdog Active Member

    You cannot do that because the firewall is logging connections at layer 3, while your forwarded-for headers are at layer 7. You could do deep packet inspection; however, your machine would be overwhelmed with the number of packets it would have to process.
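
Added example, not part of the original thread: the layer 3 versus layer 7 distinction from the reply above, shown on one constructed packet as Squid would send it with `forwarded_for on`. All addresses, ports and function names are assumptions made for illustration, and the request is cleartext HTTP.

```python
import socket
import struct

# Constructed sample addresses (assumptions, not taken from the thread).
LAN_CLIENT = "192.168.1.57"   # user's PC behind Squid
SQUID_BOX = "192.168.1.2"     # proxy that opens the outbound connection
WEB_SERVER = "203.0.113.10"   # destination on the Internet

def build_packet(src, dst, sport, dport, payload):
    """Build a minimal IPv4+TCP packet (checksums left at 0 for the demo)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHLLBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    return ip + tcp + payload

def layer3_view(packet):
    """What a packet-filter log records: addresses and ports from the headers."""
    ihl = (packet[0] & 0x0F) * 4
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return (socket.inet_ntoa(packet[12:16]), sport,
            socket.inet_ntoa(packet[16:20]), dport)

def layer7_forwarded_for(packet):
    """What payload inspection must do: skip both headers, parse the HTTP request."""
    ihl = (packet[0] & 0x0F) * 4
    tcp_len = (packet[ihl + 12] >> 4) * 4
    head = packet[ihl + tcp_len:].split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        if name.strip().lower() == "x-forwarded-for":
            return value.strip()
    return None                                   # header absent

def squid_outbound_packet():
    """The packet the firewall receives: Squid is the IP source, the client is only in the header."""
    request = (b"GET / HTTP/1.1\r\nHost: example.com\r\n"
               b"X-Forwarded-For: " + LAN_CLIENT.encode() + b"\r\n\r\n")
    return build_packet(SQUID_BOX, WEB_SERVER, 40000, 80, request)

if __name__ == "__main__":
    pkt = squid_outbound_packet()
    print("firewall (L3/L4) sees:", layer3_view(pkt))
    print("HTTP payload (L7) carries:", layer7_forwarded_for(pkt))
```
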
     
  3. visham

    visham New Member

    Thanks for your reply.
    I think I have to move the SQUID box to the other side of the firewall.

    LAN -> FIREWALL -> SQUID -> INTERNET

    and then set it in transparent mode. Is this a good setup?
     
