在局域网通过透明代理访问外部的web服务器时,
在web服务器端,
通过header HTTP_X_FORWARDED_FOR 可以知道代理服务器的服务器名以及端口,
通过HTTP_VIA可以知道客户的内部ip,这会带来一些安全问题,并且某些论坛会发现用的是代理访问,怎么让squid隐藏这些信息呢.
通过研究squid的源代码,发现在/etc/squid/squid.conf中添加2行:
header_access Via deny all
header_access X-Forwarded-For deny all
就可以把它关闭
要去掉其他的header,也可以照此操作:
Accept | HTTP_ACCEPT |
Accept-Charset | HTTP_ACCEPT-CHARSET |
Accept-Encoding | HTTP_ACCEPT-ENCODING |
Accept-Language | HTTP_ACCEPT-LANGUAGE |
Accept-Ranges | HTTP_ACCEPT-RANGES |
Age | HTTP_AGE |
Allow | HTTP_ALLOW |
Authorization | HTTP_AUTHORIZATION |
Cache-Control | HTTP_CACHE-CONTROL |
Connection | HTTP_CONNECTION |
Content-Base | HTTP_CONTENT-BASE |
Content-Disposition | HTTP_CONTENT-DISPOSITION |
Content-Encoding | HTTP_CONTENT-ENCODING |
Content-Language | HTTP_CONTENT-LANGUAGE |
Content-Length | HTTP_CONTENT-LENGTH |
Content-Location | HTTP_CONTENT-LOCATION |
Content-MD5 | HTTP_CONTENT-MD5 |
Content-Range | HTTP_CONTENT-RANGE |
Content-Type | HTTP_CONTENT-TYPE |
Cookie | HTTP_COOKIE |
Date | HTTP_DATE |
ETag | HTTP_ETAG |
Expires | HTTP_EXPIRES |
From | HTTP_FROM |
Host | HTTP_HOST |
If-Match | HTTP_IF-MATCH |
If-Modified-Since | HTTP_IF-MODIFIED-SINCE |
If-None-Match | HTTP_IF-NONE-MATCH |
If-Range | HTTP_IF-RANGE |
Last-Modified | HTTP_LAST-MODIFIED |
Link | HTTP_LINK |
Location | HTTP_LOCATION |
Max-Forwards | HTTP_MAX-FORWARDS |
Mime-Version | HTTP_MIME-VERSION |
Pragma | HTTP_PRAGMA |
Proxy-Authenticate | HTTP_PROXY-AUTHENTICATE |
Proxy-Authentication-Info | HTTP_PROXY-AUTHENTICATION-INFO |
Proxy-Authorization | HTTP_PROXY-AUTHORIZATION |
Proxy-Connection | HTTP_PROXY-CONNECTION |
Public | HTTP_PUBLIC |
Range | HTTP_RANGE |
Referer | HTTP_REFERER |
Request-Range | HTTP_REQUEST-RANGE |
Retry-After | HTTP_RETRY-AFTER |
Server | HTTP_SERVER |
Set-Cookie | HTTP_SET-COOKIE |
Title | HTTP_TITLE |
Transfer-Encoding | HTTP_TRANSFER-ENCODING |
Upgrade | HTTP_UPGRADE |
User-Agent | HTTP_USER-AGENT |
Vary | HTTP_VARY |
Via | HTTP_VIA |
Warning | HTTP_WARNING |
WWW-Authenticate | HTTP_WWW-AUTHENTICATE |
Authentication-Info | HTTP_AUTHENTICATION-INFO |
X-Cache | HTTP_X-CACHE |
X-Cache-Lookup | HTTP_X-CACHE-LOOKUP |
X-Forwarded-For | HTTP_X-FORWARDED-FOR |
X-Request-URI | HTTP_X-REQUEST-URI |
X-Squid-Error | HTTP_X-SQUID-ERROR |
Negotiate | HTTP_NEGOTIATE |
X-Accelerator-Vary | HTTP_X-ACCELERATOR-VARY |
Other: | HTTP_OTHER: |