don't hide x_Forwarded_For headers if havp is enabled

13 years ago · bf63351ae1
parent 69d968a605
commit bf63351ae1
2 changed files with 16 additions and 1 deletions
--- a/ipasserelle-base.spec
+++ b/ipasserelle-base.spec
@ -1,4 +1,4 @@
-%define version 0.2.2
+%define version 0.2.3
 %define release 1
 %define name ipasserelle-base

@ -45,6 +45,9 @@ Based on SMEServer, iPasserelle is a specially configured
 SME Server, with some additionnal modules

 %changelog
+* Mon Apr 16 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.3-1.sme
+- Don't hide X_Forwarded_For headers in squid if havp is enabled
+
 * Fri Apr 13 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.2-1.sme
 - Revert previous commit, bootstrap.min.css will go in webapps

--- a/root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor
+++ b/root/etc/e-smith/templates/etc/squid/squid.conf/96xForwardedFor
@ -1,6 +1,18 @@
+{
+
+if (($havp{'status'} || 'disabled') ne 'enabled'){
+    $OUT .=<<"EOF";

 acl localhost src 127.0.0.1
 follow_x_forwarded_for allow localhost
 forwarded_for off
 header_access X-Forwarded-For deny all

+EOF
+
+}
+else{
+    $OUT .= '';
+}
+
+}