Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id E753D200C69 for ; Sat, 6 May 2017 16:09:43 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id DB1A1160BAD; Sat, 6 May 2017 14:09:43 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id D26BC160BA2 for ; Sat, 6 May 2017 16:09:42 +0200 (CEST) Received: (qmail 65286 invoked by uid 500); 6 May 2017 14:09:41 -0000 Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: docs@httpd.apache.org List-Id: Delivered-To: mailing list docs@httpd.apache.org Received: (qmail 65276 invoked by uid 99); 6 May 2017 14:09:41 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 06 May 2017 14:09:41 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 826A21AA979 for ; Sat, 6 May 2017 14:09:41 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.897 X-Spam-Level: X-Spam-Status: No, score=-0.897 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.796, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd2-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id nxgs9oS_Eljj for ; Sat, 6 May 2017 14:09:37 +0000 (UTC) Received: from mail-wr0-f171.google.com (mail-wr0-f171.google.com [209.85.128.171]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id BD73C5F397 for ; Sat, 6 May 2017 14:09:36 +0000 (UTC) Received: by mail-wr0-f171.google.com with SMTP id l50so16722461wrc.3 for ; Sat, 06 May 2017 07:09:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=coaf3HSq9FeN6Q68ua2n74N4N6AXTO7a4v6g3YH3Xiw=; b=fKdgAu+sMktK1bfiKqrHfrmEIDWOK/QxRdFaBQHjAWW85dzRUk1PiadS6Yd70v2w2+ yzWAb1UM/SfkxNvKjR1T7IFDa0a+8laGlSa+/3U4Elug6/7SSCDTh92+fuezZaw8OrLD B06cu9CHXV+gJRnGwwQLhjSn10bwSkqhUIBWkBoWQTXWc09O6bxSdBXLT2xAB+Kjgrfy XneqtFtk2FdSTTS3AS7pHJBf4fyCXK2OnuVVBeOVoeNC8BmmIht5OU6qx3j4BNBmofON 2JMxMcBbQc/mbnFHeiQCNZiB/jE319eeXfmxgG2twfMfPbr2NaT8CjqGQkkLQ4EevRUz hVoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=coaf3HSq9FeN6Q68ua2n74N4N6AXTO7a4v6g3YH3Xiw=; b=BssybsqtaVDYhEpg95lRCasjPRx0ZXoMvDNidIdd1xsEUVRmZ9LdUjiF9GXO7UeJN5 Bus4qm2+U2CD1h4RcpJUJz0PjecArCa0yORUEJHrJvpc7+FwdMVpUmAcZJYdUr0XK9hy iKTxwpxZQQpLdY6AtqSKlDEqHmAKFweZXEVvO6jidS7d9TM8p40Fo7EVVDT8v0Kn3jxi tC6PqU+EDfQzJaPnJZqb1iwRAvO+l5XcOXYJ7XFv9QSAcPeY9YmpqgHXug/ibhnMHh5p KRVRj7thJPyr3YnUbksJQYFmv2dKYIOzNO3svDf97bFB7A2nMmORtSXNHm/Vf9FOUHKf 6n6g== X-Gm-Message-State: AN3rC/48SyZbB/qxpvx9p9AlSjtvco0kUQFw6d9Wi7FCIv0qFFIldlAF 2C38fi7xbvjUqXGsNgJimYOAlBp8e0tXx6g= X-Received: by 10.223.146.193 with SMTP id 59mr32790862wrn.165.1494079776193; Sat, 06 May 2017 07:09:36 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.139.209 with HTTP; Sat, 6 May 2017 07:09:35 -0700 (PDT) In-Reply-To: References: <74632d7d-37be-d767-f00c-418987f7c69c@univ-lorraine.fr> <54da4326-22f4-b56f-fa43-bc73b0026ec4@univ-lorraine.fr> From: Luca Toscano Date: Sat, 6 May 2017 16:09:35 +0200 Message-ID: Subject: Re: mod_remoteip.xml To: docs@httpd.apache.org Content-Type: multipart/alternative; boundary=94eb2c0d9bee538709054edb8ece archived-at: Sat, 06 May 2017 14:09:44 -0000 --94eb2c0d9bee538709054edb8ece Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable 2017-04-27 13:10 GMT+02:00 Lucien Gentis : > > > Le 27/04/2017 =C3=A0 10:57, Luca Toscano a =C3=A9crit : > > > > 2017-04-23 17:16 GMT+02:00 Lucien Gentis = : > >> >> >> Le 14/04/2017 =C3=A0 15:26, Lucien Gentis a =C3=A9crit : >> >> Hello Luca, >> >> Apologize for not answering. >> >> I come back next week >> >> Lucien >> >> Le 10/04/2017 =C3=A0 19:20, Luca Toscano a =C3=A9crit : >> >> Hello Lucien, >> >> 2017-04-08 17:28 GMT+02:00 Lucien Gentis >> : >> >>> Hello, >>> >>> Trunk branch : mod_remoteip.xml file, RemoteIPProxyProtocolExcept= ions >>> directive : >>> >>> " >>>

The RemoteIPProxyProtocol directive >>> enables or" >>> >>> must probably be replaced by : >>> >>> " >>>

The RemoteIPProxyProtocolExceptions >>> directive enables or" >>> >> >> >> I checked the last pending doc changes and the complete diff is: >> >> +

The RemoteIPProxyProtocol >> directive enables or >> + disables the reading and handling of the PROXY protocol connection >> header. >> + Sometimes it is desirable to require clients to provide the PROXY >> header, but >> + permit other clients to connect without it. This directive allows a >> server >> + administrator to configure a single host or CIDR range of hosts tha= t >> may do >> + so. This is generally useful for monitoring and administrative >> traffic to a >> + virtual host direct to the server behind the upstream load >> balancer.

>> + >> >> It may need to be explained a bit better but IIUC the paragraph is sayin= g >> that since RemoteIPProxyProtocol is a on/off switch, >> RemoteIPProxyProtocolExceptions can be used to fine tune exceptions. >> >> >> OK, it's actually referencing RemoteIPProxyProtocol directive. >> >> >> >>> Same file : I'm not quite sure to understand the phrase "This is >>> generally useful for monitoring and administrative >>> traffic to a virtual host direct to the server behind the upstream >>> load >>> balancer." >>> >> >> Definitely not clear, need a bit of rework. Do you have something in min= d >> to fix it? >> >> >> As far as I understand it, this directive allows to know client real IP >> address, and so better analyse a connection stream ; so, this phrase cou= ld >> be : "This is generally useful for monitoring network stream between >> clients and backend servers situated behind a load balancer" >> > > After reading https://httpd.apache.org/docs/trunk/mod/mod_remoteip.html# > remoteipproxyprotocolexceptions again I think that the sentence should be > removed, since it is well explained by what comes before it :) > > Luca > > > Perhaps Daniel Ruggeri could clarify that ? > Removed the sentence in http://svn.apache.org/r1794142, I'll wait a bit before backporting to 2.4.x to see if anybody will chime in. Luca --94eb2c0d9bee538709054edb8ece Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable


2017-04-27 13:10 GMT+02:00 Lucien Gentis <lucien.gentis@= univ-lorraine.fr>:
=20 =20 =20



Le 27/04/201= 7 =C3=A0 10:57, Luca Toscano a =C3=A9crit=C2=A0:


2017-04-23 17:16 GMT+02:00 Lucien Gentis <lucien.gentis@univ-lorraine.fr&g= t;:



Le 14/04/2017 =C3=A0 15:26, Lucien Gentis a =C3=A9crit= =C2=A0:

Hello Luca,

Apologize for not answering.

I come back next week

Lucien


Le 10/04/2017 =C3=A0 19:20, Luca Toscano a =C3=A9crit= =C2=A0:
Hello Lucien,

2017-04-08 17:28 GMT+02:00 Lucien Gentis <= ;lucien= .gentis@univ-lorraine.fr>:
Hello,

Trunk branch : mod_remoteip.xml file, <name>RemoteIPProxyProtocolExcep= tions</name> directive :

"<usage>
=C2=A0 =C2=A0 =C2=A0<p>The <directive>RemoteIPProxyProtocol= </directive> directive enables or"

must probably be replaced by :

"<usage>
=C2=A0 =C2=A0 =C2=A0<p>The <directive>RemoteIPProxyProtocol= Exceptions</directive> directive enables or"


I checked the last pending doc changes and the complete diff is:

+ =C2=A0 =C2=A0<p>The <code class=3D"directive">RemoteIP= ProxyProtocol</code> directive enables or
+ =C2=A0 =C2=A0disables the reading an= d handling of the PROXY protocol connection header.
+ =C2=A0 =C2=A0Sometimes it is desirab= le to require clients to provide the PROXY header, but
+ =C2=A0 =C2=A0permit other clients to connect without it. This directive allows a server
+ =C2=A0 =C2=A0administrator to config= ure a single host or CIDR range of hosts that may do
+ =C2=A0 =C2=A0so. This is generally u= seful for monitoring and administrative traffic to a
+ =C2=A0 =C2=A0virtual host direct to = the server behind the upstream load balancer.</p>
+
=C2=A0
It may need to be explained a bit better but IIUC the paragraph is saying that since RemoteIPProxyProtocol is a on/off switch, RemoteIPProxyProtocolExceptions can be used to fine tune exceptions.

OK, it's actually referencing RemoteIPProxyProtocol directive.



Same file : I'm not quite sure to understand the phrase "This is generally useful for monitoring and administrative
=C2=A0 =C2=A0 traffic to a virtual host direc= t to the server behind the upstream load
=C2=A0 =C2=A0 balancer."

Definitely not clear, need a bit of rework. Do you have something in mind to fix it?

As far as I understand it, this directive allows to know client real IP address, and so better analyse a connection stream ; so, this phrase could be : "This i= s generally useful for monitoring network stream between clients and backend servers situated behind a load balancer"

After reading=C2=A0https://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#<= wbr>remoteipproxyprotocolexceptions again I think that the sentence should be removed, since it is well explained by what comes before it :)

Luca

Perhaps Daniel Ruggeri could clarify that ?

=
Removed the sentence in htt= p://svn.apache.org/r1794142, I'll wait a bit before backporting to = 2.4.x to see if anybody will chime in.

Luca
<= /div>
--94eb2c0d9bee538709054edb8ece--