Haproxy for Squid - How keep original IP


#1

Hello.

I am use HaProxy on Debian8 Load Balancing for 2 Squid Proxy “No Transparent” port 3128 with Autentication OpenLdap.

All work fine.

But in the log file on Squid (access.log) only show IP of HAproxy but no the IP of Client.

I Try with opcion X-Client but no result.

My haproxy.cfg

listen SQUID 0.0.0.0:3128
mode http
cookie SERVERID insert indirect nocache
balance roundrobin
option httpclose
option forwardfor header X-Client
option forwardfor
server squid1 192.168.1.116:3128 check inter 2000 rise 2 fall 5
server squid2 192.168.1.200:3128 check inter 2000 rise 2 fall 5

Thanks for your atention.

Sorry for y English.


#2

Did you configure Squid accordingly?

http://www.squid-cache.org/Doc/config/forwarded_for/


#3

Hi,

Ok, i try in the afternon and show the result.

thanks for you questions.


#4

Hello,

Try put this line:

option forwardfor except 127.0.0.1/8

On defaults section of haproxy.cfg


#5

Hello I Solve with:

acl haproxy src ip_of_haproxy
follow_x_forwarded_for allow haproxy

Ref: http://www.squid-cache.org/Doc/config/follow_x_forwarded_for/


#6

thanks a lot for the link lukastribus, it really helped me. can i ask some questions if i would have some others later? thank you!


#7

Sure just ask, there is no need to ask if you can ask :slight_smile: