I've done plenty of googling readnig of articles but I cannot get my squid setup to log the client ip's.
I'm not sure if it's even possible with my setup. The squid logs all show :
Code:
172.16.108.1 TCP_MISS/200 7330 CONNECT urs.microsoft.com:443 - DIRECT/213.199.170.73 -
So the gateway ip of
172.16.108.1 and not the actual clients. My log generator can only show "one" user.
Anyway here is a quick diagram of the network :
Clients (10.0.1.0-200, Microsoft WinXP, Win2003 domain)
Proxy Server : 172.16.108.200 (172x range is internal servers only in protected network)
ADSL Modem (DHCP activated) --> 192.168.1.254
Right, now the proxy server is a vmware machine located on host with 6 network cards. 3 of the network cards are linked directly only to this proxy server (dedicated)
Eth0 : 172.16.108.200 (proxy/squid address on port 8080)
Eth1 : 192.168.1.35 (dhcp lease from adsl modem / gateway)
eth2: 10.0.1.233 (client ip range
My routing tables
Code:
proxy:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
172.16.108.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth1
Everything is working perfectly except for the client logging. I figured it had something to do with the different ip range that the clients were in.
To test this I made a new client in the 172.x range, this one appeared in my logging with the
correct ip.
But the clients cannot be put in this range
. Is there a work-around for this issue? Maybe with the correct routing tables or third party software? Different loggin tool perhaps?
Or can I have the clients send there ip's with a request towards the proxy server? Or is my only option to set the proxy server in the 10.x range?
For testing I did add eth2 (10.x) to the proxy server, it didn't make any difference.