httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch ...@sfritsch.de>
Subject Re: mod_remoteip does NOT change access-log IP
Date Thu, 24 Jan 2013 20:02:24 GMT
On Wednesday 23 January 2013, Reindl Harald wrote:
> hi
> 
> LoadModule            remoteip_module "modules/mod_remoteip.so"
> RemoteIPHeader        X-Forwarded-For
> RemoteIPInternalProxy 127.0.0.1 10.0.0.4 10.0.0.103 91.118.73.4
> ________________________
> 
> PHP - fine, exactly how it should do:
> _SERVER["SERVER_ADDR"]	10.0.0.99
> _SERVER["SERVER_PORT"]	8080
> _SERVER["REMOTE_ADDR"]	10.0.0.99
> ________________________
> 
> BUT access-log contains the ip of the apache trafficserver
> this is a major problem for replace mod_rafp with mod_remoteip
> because webalizer-usages are more or less useless
> 
> 10.0.0.103 - - [23/Jan/2013:17:01:53 +0100] "GET
> /images/page/tidy_16.gif HTTP/1.1" 304 -
> "http://www.test.rh:8080/" "Mozilla/5.0 (X11; Linux x86_64;
> rv:18.0) Gecko/20100101 Firefox/18.0" (-%)


The problem seems to be ap_get_remote_host() which is used by the %h 
used in the default access log format. But resolving an IP address 
that came via X-Forwarded-For does not make any sense anyway, because 
the server's view of DNS may be different than the proxy's view.

If you use %a instead of %h, that should do the right thing. There is 
also a "%{c}a" to get the proxy's IP.

That's rather confusing. Any opionions if the behavior should be 
changed or if this should be fixed by documentation?

Mime
View raw message