add req.http.x-forwarded-for header
Andreas Götzfried
revirii at googlemail.com
Wed Feb 6 13:19:58 CET 2013
Hello,
i use varnish (3.0.2) and nginx (1.2.1), and i have a special setup:
http: varnish (listens on *.80) -> nginx-backend (127.0.0.1:81)
https: nginx (public ip:443) -> proxy_pass to same varnish instance ->
nginx-backend (127.0.0.1:81)
When varnish receives the requests proxied by nginx (https), varnish
sees 127.0.0.1 as source, and there seems to be no solution getting
varnish see the real ip. But, as you might guess, i want the public ip
(need it for performance reasons) of the user. But i found a solution
- nginx is able to pass the real ip in a header:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
By customizing the varnishncsa log format i'm able to see the users'
ip address passed by nginx. So far, so good.
But for http (managed by varnish) i'm not able to set this header when
nginx isn't involved. I tried this:
At the beginning of 'sub vcl_recv':
if (!req.http.X-Forwarded-For) {
set req.http.X-Forwarded-For = client.ip;
}
My intention was: if this header isn't set (and it shouldn't when
varnish directly receives requests via http), set it with the value of
the client ip. I've tried a couple of variations, but in the end the
value in the varnishncsa log is always empty. Well... what am i doing
wrong? Where's the error?
thx
Andreas
More information about the varnish-misc
mailing list