On Fri, 2005-12-02 at 11:11 +0100, Jonathan De Graeve wrote:
> We are not working with cookies in here.
> The only thing todo this is to use the 'HTTP_X_FORWARDED_FOR' http
> header as the clientip
> And not all proxies sent this field. If you have a proxy you should
> enable it to sent this header.
I have it enabled in Squid (just checked the squid.conf) with the same
result as before. I would prefer to not have this option enabled as it
will potentially expose the internal IP addressing schema to the
> I will work on a captive portal enhancement for this if its really
> Can't you just put the http proxy AFTER the m0n0wall box instead of
> before? And even then you can enable authentication on the proxy
> resulting in no need for a captive portal.
No. Putting the proxy after m0n0wall will expose the proxy to the
Internet (you knew that didn't you?) I could install two m0n0wall
boxes. One as the firewall, the other as the Captive Portal with the
Proxy in the middle. Bit silly really. Much better to use an optional