在局域网通过透明代理访问外部的web服务器时,
在web服务器端,
通过header HTTP_X_FORWARDED_FOR 可以知道代理服务器的服务器*以及端口,
通过HTTP_VIA可以知道客户的内部ip,这会带来*些安全问题,并且某些论坛会发现用的是代理访问,怎么让squid隐藏这些信息呢.
通过研究squid的源代码,发现在/etc/squid/squid.conf中添加2行:
header_access Via deny all
header_access X-Forwarded-For deny all
就可以把它关闭
要去掉其他的header,也可以照此操作:
| Accept | HTTP_ACCEPT |
| Accept-Charset | HTTP_ACCEPT-CHARSET |
| Accept-Encoding | HTTP_ACCEPT-ENCODING |
| Accept-Language | HTTP_ACCEPT-LANGUAGE |
| Accept-Ranges | HTTP_ACCEPT-RANGES |
| Age | HTTP_AGE |
| Allow | HTTP_ALLOW |
| Authorization | HTTP_AUTHORIZATION |
| Cache-Control | HTTP_CACHE-CONTROL |
| Connection | HTTP_CONNECTION |
| Content-Base | HTTP_CONTENT-BASE |
| Content-Disposition | HTTP_CONTENT-DISPOSITION |
| Content-Encoding | HTTP_CONTENT-ENCODING |
| Content-Language | HTTP_CONTENT-LANGUAGE |
| Content-Length | HTTP_CONTENT-LENGTH |
| Content-Location | HTTP_CONTENT-LOCATION |
| Content-MD5 | HTTP_CONTENT-MD5 |
| Content-Range | HTTP_CONTENT-RANGE |
| Content-Type | HTTP_CONTENT-TYPE |
| Cookie | HTTP_COOKIE |
| Date | HTTP_DATE |
| ETag | HTTP_ETAG |
| Expires | HTTP_EXPIRES |
| From | HTTP_FROM |
| Host | HTTP_HOST |
| If-Match | HTTP_IF-MATCH |
| If-Modified-Since | HTTP_IF-MODIFIED-SINCE |
| If-None-Match | HTTP_IF-NONE-MATCH |
| If-Range | HTTP_IF-RANGE |
| Last-Modified | HTTP_LAST-MODIFIED |
| Link | HTTP_LINK |
| Location | HTTP_LOCATION |
| Max-Forwards | HTTP_MAX-FORWARDS |
| Mime-Version | HTTP_MIME-VERSION |
| Pragma | HTTP_PRAGMA |
| Proxy-Authenticate | HTTP_PROXY-AUTHENTICATE |
| Proxy-Authentication-Info | HTTP_PROXY-AUTHENTICATION-INFO |
| Proxy-Authorization | HTTP_PROXY-AUTHORIZATION |
| Proxy-Connection | HTTP_PROXY-CONNECTION |
| Public | HTTP_PUBLIC |
| Range | HTTP_RANGE |
| Referer | HTTP_REFERER |
| Request-Range | HTTP_REQUEST-RANGE |
| Retry-After | HTTP_RETRY-AFTER |
| Server | HTTP_SERVER |
| Set-Cookie | HTTP_SET-COOKIE |
| Title | HTTP_TITLE |
| Transfer-Encoding | HTTP_TRANSFER-ENCODING |
| Upgrade | HTTP_UPGRADE |
| User-Agent | HTTP_USER-AGENT |
| Vary | HTTP_VARY |
| Via | HTTP_VIA |
| Warning | HTTP_WARNING |
| WWW-Authenticate | HTTP_WWW-AUTHENTICATE |
| Authentication-Info | HTTP_AUTHENTICATION-INFO |
| X-Cache | HTTP_X-CACHE |
| X-Cache-Lookup | HTTP_X-CACHE-LOOKUP |
| X-Forwarded-For | HTTP_X-FORWARDED-FOR |
| X-Request-URI | HTTP_X-REQUEST-URI |
| X-Squid-Error | HTTP_X-SQUID-ERROR |
| Negotiate | HTTP_NEGOTIATE |
| X-Accelerator-Vary | HTTP_X-ACCELERATOR-VARY |
| Other: | HTTP_OTHER: |