Change client.ip based on x-forwaded-for headers?

Stephen Wood smwood4 at gmail.com
Mon Aug 5 23:05:05 CEST 2013


Is there a way to change client.ip?

For example, I would like to set up an ACL to block certain IPs, but since
the instances are behind a load balancer the only thing I have to work with
is the x-forwarded-for header. I've tried something like this:

sub vcl_recv {
  if (req.http.X-Forwarded-For) {
    set client.ip = req.http.X-Forwarded-For;
  }
}

But of course that kind of thing doesn't compile.

Can someone please advise me on this issue or the broader question about
implementing ACLs via x-forwarded-for headers for those of us stuck behind
another load balancer?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20130805/0a4591ff/attachment.html>


More information about the varnish-misc mailing list