diff -uNr squid-2.6.STABLE13.orig/src/cf.data.pre squid-2.6.STABLE13/src/cf.data.pre
--- squid-2.6.STABLE13.orig/src/cf.data.pre	2007-04-24 23:30:03.000000000 +0200
+++ squid-2.6.STABLE13/src/cf.data.pre	2007-06-22 18:46:24.174880872 +0200
@@ -2933,6 +2933,42 @@
 	direct client address in the access log.
 DOC_END
 
+NAME: outgoing_tos_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.outgoing_tos_uses_indirect_client
+DOC_START
+	Controls whether the indirect client address
+	(see follow_x_forwarded_for) is used instead of the
+	direct client address in the tcp_outgoing_tos.
+DOC_END
+
+NAME: outgoing_address_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.outgoing_address_uses_indirect_client
+DOC_START
+	Controls whether the indirect client address
+	(see follow_x_forwarded_for) is used instead of the
+	direct client address in the tcp_outgoing_address.
+DOC_END
+
+NAME: tproxy_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR && LINUX_TPROXY
+DEFAULT: on
+LOC: Config.onoff.tproxy_uses_indirect_client
+DOC_START
+	Controls whether the indirect client address
+	(see follow_x_forwarded_for) is used instead of the
+	direct client address for spoofing tproxy address.
+DOC_END
+
 NAME: http_access
 TYPE: acl_access
 LOC: Config.accessList.http
diff -uNr squid-2.6.STABLE13.orig/src/forward.c squid-2.6.STABLE13/src/forward.c
--- squid-2.6.STABLE13.orig/src/forward.c	2007-04-17 11:35:17.000000000 +0200
+++ squid-2.6.STABLE13/src/forward.c	2007-06-22 18:51:01.275836354 +0200
@@ -424,6 +424,11 @@
     aclCheck_t ch;
     memset(&ch, '\0', sizeof(aclCheck_t));
     if (request) {
+#if FOLLOW_X_FORWARDED_FOR
+	    if (Config.onoff.outgoing_address_uses_indirect_client)
+	        ch.src_addr = request->indirect_client_addr;
+	    else
+#endif /* FOLLOW_X_FORWARDED_FOR */
 	ch.src_addr = request->client_addr;
 	ch.my_addr = request->my_addr;
 	ch.my_port = request->my_port;
@@ -438,6 +443,11 @@
     aclCheck_t ch;
     memset(&ch, '\0', sizeof(aclCheck_t));
     if (request) {
+#if FOLLOW_X_FORWARDED_FOR
+	    if (Config.onoff.outgoing_tos_uses_indirect_client)
+	        ch.src_addr = request->indirect_client_addr;
+	    else
+#endif /* FOLLOW_X_FORWARDED_FOR */
 	ch.src_addr = request->client_addr;
 	ch.my_addr = request->my_addr;
 	ch.my_port = request->my_port;
@@ -590,6 +600,11 @@
 #if LINUX_TPROXY
 	if (fwdState->request->flags.tproxy) {
 
+#if FOLLOW_X_FORWARDED_FOR
+	    if (Config.onoff.tproxy_uses_indirect_client)
+	        itp.v.addr.faddr = fwdState->request->indirect_client_addr;
+	    else
+#endif /* FOLLOW_X_FORWARDED_FOR */
 	    itp.v.addr.faddr.s_addr = fwdState->src.sin_addr.s_addr;
 	    itp.v.addr.fport = 0;
 
diff -uNr squid-2.6.STABLE13.orig/src/structs.h squid-2.6.STABLE13/src/structs.h
--- squid-2.6.STABLE13.orig/src/structs.h	2007-04-27 01:11:51.000000000 +0200
+++ squid-2.6.STABLE13/src/structs.h	2007-06-22 18:46:24.178213976 +0200
@@ -678,6 +678,11 @@
 	int acl_uses_indirect_client;
 	int delay_pool_uses_indirect_client;
 	int log_uses_indirect_client;
+	int outgoing_tos_uses_indirect_client;
+	int outgoing_address_uses_indirect_client;
+#if LINUX_TPROXY
+	int tproxy_uses_indirect_client;
+#endif
 #endif
     } onoff;
     acl *aclList;