Mod_rpaf enabled; still apache log showing 127.0.0.1 as source!

Server NGINX
1

Hello list,

To get the wan IP in apache log I have already enabl mod_rapf in
opensude
server.

a2enmod rpaf mod_rpaf

“rpaf” already present

a2enmod mod_rpaf
“mod_rpaf” already present

Here is a nginx vhost section for passing IP to apache log

[…]
proxy_redirect off; # Do not redirect this proxy - It needs to be
pass-through
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Server-Address $server_addr;
proxy_pass_header Set-Cookie;
[…]

After restarting both apache and nginx, the apache log for that specific
vhost still showing 127.0.0.1 as source IP at apache log.

Am I missing something ?

Thanks

2

have you configured apache to log x-forward-for instead of your host
header?

regards, axel

3

Hello!

On Mon, Apr 28, 2014 at 07:03:28PM +0530, Joydeep Bakshi wrote:

[…]

After restarting both apache and nginx, the apache log for that specific
vhost still showing 127.0.0.1 as source IP at apache log.

Am I missing something ?

Most notably, you’ve missed configuration of mod_rpaf. It needs
to be enabled in configuration, and you have to at least configure
IP address it will accept headers from, as well as a header to
look into.

http://www.stderr.net/apache/rpaf/


Maxim D.
http://nginx.org/

4

Hello Axel & Maxim,

I have modified the apache log format as below

LogFormat “%{X-Forwarded-For}i %l %u %t “%r” %>s %b “%{Referer}i”
“%{User-Agent}i”” common

and get the source IP at /var/log/apache/access.log

I wonder if I there is any scope to add more info in the common log as
it
is a production server. And also need the same for ErrorLog too.

Any suggestion ?

Thanks

5

Even IP get logged when disable the rpaf !!!
little confused.

On Mon, Apr 28, 2014 at 7:36 PM, Joydeep Bakshi <

6

Hello,
are there any advantages of using mod_rpaf instead of using and logging
x-forward-for headers?

regards, Axel

7

You only need one.

If you use mod_rpaf you have need to configure it like Maxim told you.
If you change your common logformat to log x-forwarded-for headers you
don’t need mod_rpaf

regards, Axel

8

Might be missing this, from an old Apache config:

Configuration for mod_rpaf

RPAFenable On RPAFproxy_ips 192.168.2.123 # RPAFsethostname host.your.domain # End of mod_rpaf.

Posted at Nginx Forum:

9

Hello!

On Mon, Apr 28, 2014 at 07:43:49PM +0530, Joydeep Bakshi wrote:

Even IP get logged when disable the rpaf !!!
little confused.

Please read mod_rpaf documentation for further reference, I’ve
already provided a link. It’s really not related to nginx and
offtopic here.

Thank you for cooperation.

Thanks

Here is a nginx vhost section for passing IP to apache log

http://www.stderr.net/apache/rpaf/

nginx mailing list
[email protected]
nginx Info Page


Maxim D.
http://nginx.org/

10

Hello list,

Thanks a lot. After following your suggestions and the link Maxim
shared, I
have compiled the module in my server
as well as put the required configuration at httpd.conf. Now the WAN IP
appears at access.log of apache.

BTW: the error log still comes with local IP, any way to get remote IP
in
this log ?

Once again many thanks to you all.