trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ff ww <f...@getlantern.org>
Subject Re: SSL termination and X-Forwarded-For
Date Mon, 14 Sep 2015 14:46:06 GMT
Sorry guys please ignore this thread. My program incorrectly issues CONNECT
request for HTTP.

On Fri, Sep 11, 2015 at 6:49 PM, ff ww <fffw@getlantern.org> wrote:

> Hey guys,
>
> I set up ATS 5.3.1 as forward proxy to terminate SSL, and the proxied
> traffic can be HTTP or HTTPS. For HTTP requests (limit to my hosts would be
> better), I also want it to append client IP to X-Forwarded-For header. For
> HTTPS requests, it's HTTP CONNECT wrapped in another SSL connection.
>
> When I issue curl -vLx ats-host:8080 http://myhost/,  ATS will add
> X-Forwarded-For and X-Client-IP header correctly, but when I use my program
> to proxy HTTP requests via ats-host:443, those headers are never added. I
> guess SSL termination is for incoming connections, and the headers are
> added on outgoing connections, so they should not intervene each other
> right?
>
> Below is excerpt from my records.config
>
> CONFIG proxy.config.http.server_ports STRING 8080 443:ssl
>> CONFIG proxy.config.http.connect_ports STRING 8080 80 5228 443 8443
>> CONFIG proxy.config.http.anonymize_insert_client_ip INT 1
>> CONFIG proxy.config.http.insert_squid_x_forwarded_for INT 1
>
>

Mime
View raw message