httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Rectanus" <brect...@gmail.com>
Subject Re: 2.2.x as a transparent reverse proxy
Date Sat, 09 Dec 2006 01:48:18 GMT
On 12/8/06, Michael Cramer <cramer@webkist.com> wrote:
> Brian Rectanus wrote:
> > Yeah, sorry.  Should have been a bit more verbose there ;)
> >
> > I need client IP on the backend to deal with auth and logging.  I
> > cannot always control the backend server or config, so not always
> > possible to work around it.
> >
>
> mod_rpaf works fine for me. It fixes the IP on the backend so you see
> the client address, not the front-end server.
>
> Original source here: http://stderr.net/apache/rpaf/
> Some patches to deal with odd front-end/back-end situations here:
> http://blog.webkist.com/archives/000042.html
>
> I've used it with Apache 1.3, 2.0, and 2.2.

Yeah, this is for the backend and it must trust the headers, but the
backend in my case may not always be Apache and may be out of my
control.  The network needs to see the original client IP as well for
firewalls, etc.

I think cttproxy on Linux is really the only way to go.  I just wanted
to see if anyone had started (or even considered) such a project.

thanks,
-B

Mime
View raw message