0

I have an environment that uses thin client technology. Many thin clients connect to a central server, log in, and get an X session under their username. All requests to the internet come from the master server's IP.

I would like to set up a proxy to log traffic for diagnostic purposes, as users visiting cretin websites have been known to drive up the load on the server. The flow will be as follows:

Thin Clients (1-n) ----> Server ----> SQUID ----> Internet

The issue is that this will not provide any useful logging information since every request simply comes from the central server. Is there anyway I could possibly inject an "X-Forwarded-For: INSERT_USERNAME_HERE" into each HTTP request which squid will log and drop the header so that the website does not receive it.

user974896
  • 341
  • 1
  • 6
  • 15
  • is proxy with authentication an option? – Lluís Jan 08 '13 at 16:00
  • No it needs to be transparent to the user. If I could somehow force some pseudo authentication by hard setting the firefox proxy to user@proxy on login it will be fine. – user974896 Jan 08 '13 at 20:30

1 Answers1

0

Squid supports proxy authentication, forcing your users to log in to the proxy before they get access to the internet.

longneck
  • 23,082
  • 4
  • 52
  • 86
  • Thanks. I don't want to have to set up all the user database and stuff. That's why I'd rather somehow just stuff the username into a header. Anyway I can set per-user proxy settings that are applied upon login? I see that firefox has a "Use system proxy settings" bubble. If I could set the "system proxy" setting for each user to username@proxy:port I could achieve the same effect. – user974896 Oct 18 '12 at 14:05
  • you can try with http_proxy environment variable `http_proxy=http://username:password@hostname:port` – Lluís Jan 08 '13 at 21:27