X-Forwarded-For automatically set in varnish 4.0?

Andrei lagged at gmail.com
Fri Feb 17 08:04:58 CET 2017 

You can modify it as you normally would in vcl_recv, by setting
req.http.X-Forwarded-For. Note the header may contain two IP addresses
depending on your stack, and only one should typically be passed to the
backend for proper logging.

On Fri, Feb 17, 2017 at 12:32 AM, Oliver Joa <ojoa at vwd.com> wrote:

> Hi,
>
> On 14.02.2017 09:41, Guillaume Quintard wrote:
>
>> Hi,
>>
>> The snippet is legacy code for v3, and it's now
>> useless/counter-productive in v4.
>>
>
> why is the x-forwarded-for-handling now in the source-code? I still use
> v3 and have modified it in the vcl-code. If I want to use v4 how can I
> modify it?
>
> Thanks and regards
>
> Olli
>
>
>> --
>> Guillaume Quintard
>>
>> On Tue, Feb 14, 2017 at 9:20 AM, Donath, Niklas
>> <Niklas.Donath at lvdigital.de <mailto:Niklas.Donath at lvdigital.de>> wrote:
>>
>>     Hi there,____
>>
>>     __ __
>>
>>     actually, i am in a migration project from varnish 3 to varnish 4.0,
>>     and i was confused about the x-forwarded-for header settings in
>>     varnish 4.0:____
>>
>>     in the official doc, it says that x-forwarded-for is automatically
>>     set, like it is obvious in the source code:
>>     https://github.com/varnishcache/varnish-cache/blob/4.0/bin/
>> varnishd/cache/cache_req_fsm.c#L724
>>     <https://github.com/varnishcache/varnish-cache/blob/4.0/bin/
>> varnishd/cache/cache_req_fsm.c#L724>____
>>
>>     __ __
>>
>>     But a lot of people are adding a snippet for vcl_recv like____
>>
>>     __ __
>>
>>     if (req.restarts == 0) {____
>>
>>         if (req.http.X-Forwarded-For) {____
>>
>>             set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ",
>>     " + client.ip;____
>>
>>         } else {____
>>
>>             set req.http.X-Forwarded-For = client.ip;____
>>
>>         }____
>>
>>     }____
>>
>>     __ __
>>
>>     Which, from my point of view, is the same implementation as it
>>     already should exist as the docs say. I currently do not have a
>>     LB/proxy infrastructure to test it, so maybe someone can clear this
>>     up, if x-forwarded-for is automatically set by varnish before
>>     executing the vcl_recv from my custom .vcl-file, or if the given
>>     snippet is required to set the real user ip for x-forwarded-for.____
>>
>>     __ __
>>
>>     Thank you very much!____
>>
>>     __ __
>>
>>     Greetings, Niklas____
>>
>>     __ __
>>
>>
>>     _______________________________________________
>>     varnish-misc mailing list
>>     varnish-misc at varnish-cache.org <mailto:varnish-misc at varnish-cache.org
>> >
>>     https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>>     <https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc>
>>
>>
>>
>>
>> _______________________________________________
>> varnish-misc mailing list
>> varnish-misc at varnish-cache.org
>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>>
>>
>
> --
> Dipl. Inf. (FH) Oliver Joa
> Systems, Zeitbeauftragter | Web Technology Systems | vwd group
>
> vwd Vereinigte Wirtschaftsdienste GmbH
> Karl-Götz-Straße 5 | 97424 Schweinfurt
> Telefon: +49 9721 499895-62 | Telefax: +49 9721 499895-77
> ojoa at vwd.com | www.vwd.com
> __________________________________________________________________
> vwd Vereinigte Wirtschaftsdienste GmbH
> Sitz der Gesellschaft: Tilsiter Straße 1 | 60487 Frankfurt am Main
> Handelsregister: B Frankfurt am Main HRB 100445
> Geschäftsführung: Martin Gijssel (CEO), Udo Kersting
>
> ************************************************************
> **********************************
>
> Der Inhalt dieser E-Mail ist ausschließlich für den bezeichneten
> Adressaten bestimmt.
> Wenn Sie nicht der vorgesehene Adressat dieser E-Mail oder dessen
> Vertreter sein
> sollten, so beachten Sie bitte, dass jede Form der Kenntnisnahme,
> Veröffentlichung,
> Vervielfältigung oder Weitergabe des Inhalts dieser E-Mail unzulässig ist.
> Wir bitten
> Sie, sich in diesem Fall mit dem Absender der E-Mail in Verbindung zu
> setzen.
>
> The content of this e-mail is meant exclusively for the person to whom it
> is addressed.
> If you are not the person to whom this e-mail is addressed or his/her
> representative,
> please be informed that any form of knowledge, publication, duplication or
> distribution
> of the content of this e-mail is inadmissible. In such cases we kindly ask
> you to contact
> the sender of this e-mail.
>
> ************************************************************
> **********************************
>
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20170217/fe057886/attachment.html>

More information about the varnish-misc mailing list