httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Galić <i.ga...@brainsware.org>
Subject [users@httpd] mod_remoteip: Hiding in plain sight
Date Fri, 30 Mar 2012 15:16:31 GMT
Hi folks,

I'm using wrowe's backported version of mod_remoteip[1][2] to for
httpd 2.2, while hiding behind an Apache Traffic Server.

My configuration is basically this:

  # we're behind a proxy, but no one needs to know:
  RemoteIPHeader X-Forwarded-For
  RemoteIPTrustedProxy 127.0.0.1/8 176.9.55.235 192.168.122.235/24

while in ATS I have set

  CONFIG proxy.config.http.insert_squid_x_forwarded_for INT 1

(no, actually I haven't it's the default)

The only problem is: It doesn't do a thing.

  igalic@tynix ~ % curl http://brainswear.at/t.php 2>/dev/null| ack -i remote_a\|forw
      [REMOTE_ADDR] => 127.0.0.1

Is this supposed to strip X-Forwarded-For headers?
Is it supposed to not modify REMOTE_ADDRESS (because it says it would)
What's it supposed to do? Does it work? Has anyone tested it?

So long,

i 

[1] http://people.apache.org/~wrowe/httpd-2.2-ports/mod_remoteip.c
[2] http://httpd.apache.org/docs/current/mod/mod_remoteip.html

-- 
Igor Galić

Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/
GPG: 6880 4155 74BD FD7C B515  2EA5 4B1D 9E08 A097 C9AE


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message