22.01.2019 19:51, Alex Rousskov пишет:
It sounds like you misunderstood my questions. I will detail them below. I suspect that fff...fff comes from %>A (whether that %code comes from the default url_rewrite_extras in your configuration is unimportant). %>A is documented to to be a client FQDN. I am not sure, and this is not documented, but perhaps when the client IP address does not point back to a domain name, %>A should be a client IP address. For intermediate certificate downloading transactions, Squid does not have a client address because those transactions are not initiated by a client connection to Squid. They are generated internally by Squid. In such cases, Squid should be sending a dash (-), not 127.0.0.1, not fff...fff, not localhost, and not anything else that might be misinterpreted as a client IP address or domain name. I have not investigated why Squid does not send a dash, or what it would take to fix Squid, but it is likely that this will be eventually fixed because lying about client address is a bug. To plan the deployment of that future fix, it may be useful to know whether the redirector you use handles a dash value for %>A correctly. You may be able to test that by configuring url_rewrite_extras explicitly and replacing %>A with a dash.
Thank you for explanation, it is easier for me to contact rejik developer and ask him to pass traffic if client address is "-" as he already did for
fff...fff. So, I'll inform him that such change is planned and he will be ready :-) Thank you! _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
