Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
m1l05
Explorer

Log for web proxy traffic with specification of request

Hello,

is there any possibility to view the traffic log with specification of requests as they come from clients to explicit web proxy server configured at Checkpoint gateway (R80.30)? 

On CP GW: HTTPS Inspection is disabled, X-Forwarded-For is enabled.

Something in style of squid web proxy log, where one can find info about command sent by client, e.g. "CONNECT <dns hostname>:443", "GET http://<dns hostname>/blah.js"

The main aim is to be able to put together client (source) IP address and remote (destination) URL, while the traffic is passing three web proxy servers on its way to destination. Checkpoint explicit web proxy is the first one in the proxy chain, the one contacted by client. There I can see client's source IP address, but destination's IP address is IP address of CP web proxy. The squid web proxy is the second one and there I can find destination URL, but source IP address is IP address of CP web proxy, not the real client's IP adress.

Most of traffic is encrypted, so client's IP address stored in HTTP header X-Forwarded-For is not visible at squid web proxy.

Thank you for any advice or comment

milos

0 Kudos
3 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events