trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ff ww <f...@getlantern.org>
Subject SSL termination and X-Forwarded-For
Date Fri, 11 Sep 2015 10:49:58 GMT
Hey guys,

I set up ATS 5.3.1 as forward proxy to terminate SSL, and the proxied
traffic can be HTTP or HTTPS. For HTTP requests (limit to my hosts would be
better), I also want it to append client IP to X-Forwarded-For header. For
HTTPS requests, it's HTTP CONNECT wrapped in another SSL connection.

When I issue curl -vLx ats-host:8080 http://myhost/,  ATS will add
X-Forwarded-For and X-Client-IP header correctly, but when I use my program
to proxy HTTP requests via ats-host:443, those headers are never added. I
guess SSL termination is for incoming connections, and the headers are
added on outgoing connections, so they should not intervene each other
right?

Below is excerpt from my records.config

CONFIG proxy.config.http.server_ports STRING 8080 443:ssl
> CONFIG proxy.config.http.connect_ports STRING 8080 80 5228 443 8443
> CONFIG proxy.config.http.anonymize_insert_client_ip INT 1
> CONFIG proxy.config.http.insert_squid_x_forwarded_for INT 1

Mime
View raw message