trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ff ww <>
Subject SSL termination and X-Forwarded-For
Date Fri, 11 Sep 2015 10:49:58 GMT
Hey guys,

I set up ATS 5.3.1 as forward proxy to terminate SSL, and the proxied
traffic can be HTTP or HTTPS. For HTTP requests (limit to my hosts would be
better), I also want it to append client IP to X-Forwarded-For header. For
HTTPS requests, it's HTTP CONNECT wrapped in another SSL connection.

When I issue curl -vLx ats-host:8080 http://myhost/,  ATS will add
X-Forwarded-For and X-Client-IP header correctly, but when I use my program
to proxy HTTP requests via ats-host:443, those headers are never added. I
guess SSL termination is for incoming connections, and the headers are
added on outgoing connections, so they should not intervene each other

Below is excerpt from my records.config

CONFIG proxy.config.http.server_ports STRING 8080 443:ssl
> CONFIG proxy.config.http.connect_ports STRING 8080 80 5228 443 8443
> CONFIG proxy.config.http.anonymize_insert_client_ip INT 1
> CONFIG proxy.config.http.insert_squid_x_forwarded_for INT 1

View raw message