[Varnish] #1650: X-Forwarded-For looses the first ip in list
Varnish
varnish-bugs at varnish-cache.org
Mon Jan 12 15:02:31 CET 2015
#1650: X-Forwarded-For looses the first ip in list
--------------------------+-----------------------
Reporter: KlavsKlavsen | Owner:
Type: defect | Status: needinfo
Priority: normal | Milestone:
Component: build | Version: 4.0.2
Severity: normal | Resolution:
Keywords: |
--------------------------+-----------------------
Comment (by KlavsKlavsen):
Finally got to debug it, and found the reason.
The cisco ACE box in front, adds a new x-forwarded-header - even though
there already is one :(
So varnish receives this:
- ReqHeader X-Forwarded-For: 10.230.103.96
- ReqHeader X-Forwarded-For: 77.66.12.106, 10.230.1.34
which then gets sanitized to:
- ReqHeader X-Forwarded-For: 10.233.113.96, $ip-of-client-
contacting-varnish
whereas on our current setup, we simply return in varnish 3 - so it does
not touch the x-forwarded-for headers - and appearently php (the website
behind this - not something I work on :) magicly converts these two x
-forwarded-headers into one list.
--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1650#comment:5>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list