Return-Path: Delivered-To: apmail-perl-modperl-archive@www.apache.org Received: (qmail 22866 invoked from network); 3 Aug 2006 23:01:04 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 3 Aug 2006 23:01:04 -0000 Received: (qmail 63857 invoked by uid 500); 3 Aug 2006 23:00:58 -0000 Delivered-To: apmail-perl-modperl-archive@perl.apache.org Received: (qmail 63837 invoked by uid 500); 3 Aug 2006 23:00:58 -0000 Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list modperl@perl.apache.org Received: (qmail 63826 invoked by uid 99); 3 Aug 2006 23:00:58 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Aug 2006 16:00:58 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [208.97.132.5] (HELO swarthymail-a4.dreamhost.com) (208.97.132.5) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Aug 2006 16:00:57 -0700 Received: from [192.168.1.100] (user-1087tpj.cable.mindspring.com [64.131.247.51]) by swarthymail-a4.dreamhost.com (Postfix) with ESMTP id 1B242129A86 for ; Thu, 3 Aug 2006 16:00:37 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.2) Content-Transfer-Encoding: 7bit Message-Id: <1BE3011C-871B-4198-B469-CB6B9B509166@2xlp.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed To: list mod_perl From: Jonathan Vanasco Subject: X-Forwarded-For Date: Thu, 3 Aug 2006 19:00:35 -0400 X-Mailer: Apple Mail (2.752.2) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N my mp2 needs to get the ip of the remote address on some installations, mp2 is on port 80 on other installations, mp2 is on 80xx and the ip is in X-Forwarded-For i'd like to ensure that i pull the ip off the right place, under the right conditions. all of my get_ip() calls happen in a shared library though, so I need to figure out a way to handle this under those constraints, and not deal with spoofs. first i found this module Apache::ForwardedFor http://search.cpan.org/~jlawrenc/Apache-ForwardedFor-0.5/lib/Apache/ ForwardedFor.pm but its Apache1 not porting nicely designed oddly- doesn't seem to forw short of rewriting it , which i might have to do, maybe someone has an apach2 compatible solution already? i'm thinking that the easiest way to do this would be: httpd.conf- run a preliminary handler that strips all x-forwarded-for headers unless: we're running on port 80 we're running on port 80 but there's some internal lan header marking that says its coming off a load balancer i control although i could just do a conditional rewrite of headers in a new forwarded module