On 3/13/08, Nadeem M. Khan nadeem.m.khan@gmail.com wrote:
On Thu, Mar 13, 2008 at 9:55 AM, Agnello George agnello.dsouza@gmail.com wrote:
I have configured a squid server that allows a IP range of 192.168.0.XX
to
surf the internet , but in the logs i see a lot of public IP address,
how
is this possibly happening ???? Bellow is the logs !!!
##################################################################################### 1205406926.776 255 192.168.0.101 TCP_MISS/200 438 GET http://mail.google.com/mail/images/cleardot.gif? - DIRECT/209.85.153.83 image/gif
209.85.153.83 is Google's ip. Thats your destination, not source.
Regards, NMK.
If you chk the log file a sent eairlier the fist line ( 192.168.101 ) of the bellow log is OK ...that one of our local clients accessing a site !!
1205406926.776 255 192.168.0.101 TCP_MISS/200 438 GET http://mail.google.com/mail/images/cleardot.gif? - DIRECT/209.85.153.83 image/gif
But the whoes IP address is 219.254.32.113 ???? similarly 219.254.32.113, 89.149.242.226 , 71.228.204.50 ...... , where have these IP come from ?? ( see bellow log )
1205406926.780 6 219.254.32.113 TCP_DENIED/403 4197 CONNECT 203.141.160.33:25 - NONE/- text/html 1205406926.812 1680 124.115.0.175 TCP_MISS/200 21162 GET http://www.soso.com/q? - DIRECT/60.28.232.146 text/html 1205406926.900 575 89.149.242.226 TCP_MISS/200 894 POST http://www.glookle.com/usr/proxy/checker5/check.php - DIRECT/89.149.242.226 text/html 1205406927.017 852 71.228.204.50 TCP_MISS/999 5104 GET http://n2.login.scd.yahoo.com/config/pwtoken_get? - DIRECT/209.73.168.34 text/html 1205406927.063 868 84.187.189.180 TCP_MISS/302 381 HEAD http://cl-erotic.com/members/ - DIRECT/78.108.179.136 text/html
Thanks for all the help!! :)