httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Cicimov <icici...@gmail.com>
Subject Re: [users@httpd] IP based redirect with mod_rewrite
Date Thu, 06 May 2010 01:54:46 GMT
Yeah that's what I was suspecting. Because of the F5 masquerading the apache
is not getting the client IP but the one set by F5.

The simplest solution would be to set the rule you need on the F5 load
balancer than on apache server.

 Igor

On Thu, May 6, 2010 at 11:36 AM, Priya Vadlakonda (Contractor) <
Priya.Vadlakonda@ucop.edu> wrote:

> If I remember right, I think when I set the log for debugging
>
> The rule does not seem to work as expected and is checking proxy ip instead
> of client ip
>
> Anyway, to be sure I will set up the rule yet again and send you the log
> snippet.
>
> Thanks
> Priya
>
> ------------------------------
>  *From*: Igor Cicimov
> *To*: users@httpd.apache.org
> *Sent*: Wed May 05 18:27:11 2010
> *Subject*: Re: [users@httpd] IP based redirect with mod_rewrite
> I wonder why the %{REMOTE_ADDR} approach is failing? Are you getting a
> wrong REMOTE_ADDR or your rule is not working? Can you please post your
> rewrite rule for that case and appropriate rewrite logs with RewriteLogLevel
> set as high as possible for debugging?
>
> You can also try to combine SetEnvIf and mod_rewrite for Remote_Addr
> parameter but if the above try is failing this one should be failing too
> since practically both are checking the same variable.
>
> Igor
>
> On Thu, May 6, 2010 at 6:09 AM, Priya Vadlakonda (Contractor) <
> Priya.Vadlakonda@ucop.edu> wrote:
>
>>  Hi
>>
>>
>>
>> How do I set up a rule in Apache( If at all that is possible) to redirect
>> traffic based on the IP address of the client.
>>
>>
>>
>> Here is the set up of the env
>>
>>
>>
>> There is a reverse proxy (F5 LTM) that does SSL offloading and this is the
>> first point the user hits and this does load balancing across our Apache Web
>> Servers.
>>
>>
>>
>> So, we have Apache as a proxy server that sits behind the firewall and
>> this is the second entry point.
>>
>>
>>
>> The problem is I would need to set up a rewrite rule in Apache that
>> diverts user to a web page depending on the original IP address of the
>> client.
>>
>>
>>
>> We run Apache v2 and use {X-Forwarded-For}i feature that enables us to
>> record the IP address of the client in the access log.
>>
>>
>>
>> In the access log I get both  the F5 proxy IP and also the original client
>> IP.
>>
>>
>>
>> wsadmin@dolores:/etc/apache2> rpm -qa | grep apache2
>>
>> apache2-2.0.49-27.38
>>
>> apache2-worker-2.0.49-27.38
>>
>>
>>
>> Now the condition and rule
>>
>>
>>
>> As soon as the client hits the F5 and the request is sent to Apache, I
>> need Apache to make a decision by getting the actual client IP and routing
>> to the appropriate web page.
>>
>>
>>
>> Say if the user is accessing a URI /* and the request is coming from
>> within 128.48.0.0/16 or ucop.edu domain
>>
>>
>>
>> I need users to get to https://sseqa.ucop.edu/*
>>
>>
>>
>> For any other client IP requesting the same URI, Apache should make a
>> decision to re route the request to a different site https://--------
>>
>>
>>
>> How do I do that?
>>
>>
>>
>> Any support is appreciated.
>>
>>
>>
>> I tried several ways to establish this but each time it fails. I don’t
>> have the failure logs for one particular attempt.
>>
>>
>>
>> %{REMOTE_ADDR}
>>
>> %{HTTP:X-FORWARDED-FOR}
>>
>> %{REMOTE_HOST}  - When trying for a domain based redirect
>>
>>
>>
>> Thanks
>>
>> Priya
>>
>>
>>
>>
>>
>
>

Mime
View raw message