[Varnish] #1650: X-Forwarded-For looses the first ip in list
Varnish
varnish-bugs at varnish-cache.org
Wed Dec 17 15:52:57 CET 2014
#1650: X-Forwarded-For looses the first ip in list
--------------------------+--------------------
Reporter: KlavsKlavsen | Type: defect
Status: new | Priority: normal
Milestone: | Component: build
Version: 4.0.2 | Severity: normal
Keywords: |
--------------------------+--------------------
Just converted varnish 3 setup, to varnish 4, and the X-Forwarded-For
header consistently gets the first ip removed, when more than 1 ip is on
the ingoing request.
X-Forwarded-For: 80.89.204.138, 10.233.1.34
then shows up as this on the backend:
X-Forwarded-For: 10.233.113.96, 10.230.1.34
we ran varnish 4, next to the varnish 3 boxes, and the request via them,
became:
X-Forwarded-For: 10.233.113.96, 80.89.204.138, 10.230.1.34
which is because we have this in our varnish 3 vcl_recv:
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", "
+ client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
(and vcl_recv ends with return(lookup) to bypass x-forwarded-for handling
in varnish 3).
I tried reproducing this on test but could not :( - and I had to pull it
out of production again.
--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1650>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list