Logging the client IP with Nginx/Varnish/Apache
david raistrick
drais at icantclick.org
Mon Oct 22 18:34:55 CEST 2012
On Mon, 22 Oct 2012, Rowan @ Jetboy wrote:
> My problem is that if the traffic is coming via Nginx, while the 'correct'
> client IP is getting logged in the VarnishNCSA logs, it looks as if Varnish
> is (understandably) replacing Nginx's X-Forwarded-For header with 127.0.0.1
> downstream, and this is getting logged with Apache. Is there a nice simple
> way to stop Varnish rewriting X-Forwarded-For if it's already populated?
choose your own adventure.
in vcl_recv:
if (req.http.x-forwarded-for) {
# remove req.http.X-Forwarded-For;
# set req.http.X-Forwarded-For = client.ip;
#retain x-forwarded-for data and append
set req.http.X-Forwarded-For = req.http.X-Forwarded-For "," client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
(noting that I use 2.1...)
--
david raistrick http://www.netmeister.org/news/learn2quote.html
drais at icantclick.org ascii ribbon campaign - stop html mail
http://www.asciiribbon.org/
More information about the varnish-misc
mailing list