Hello list,
To get the wan IP in apache log I have already enabl mod_rapf in
opensude
server.
a2enmod rpaf mod_rpaf
“rpaf” already present
a2enmod mod_rpaf
“mod_rpaf” already present
Here is a nginx vhost section for passing IP to apache log
[…]
proxy_redirect off; # Do not redirect this proxy - It needs to be
pass-through
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Server-Address $server_addr;
proxy_pass_header Set-Cookie;
[…]
After restarting both apache and nginx, the apache log for that specific
vhost still showing 127.0.0.1 as source IP at apache log.
Am I missing something ?
Thanks
have you configured apache to log x-forward-for instead of your host
header?
regards, axel
Hello!
On Mon, Apr 28, 2014 at 07:03:28PM +0530, Joydeep Bakshi wrote:
[…]
After restarting both apache and nginx, the apache log for that specific
vhost still showing 127.0.0.1 as source IP at apache log.
Am I missing something ?
Most notably, you’ve missed configuration of mod_rpaf. It needs
to be enabled in configuration, and you have to at least configure
IP address it will accept headers from, as well as a header to
look into.
http://www.stderr.net/apache/rpaf/
–
Maxim D.
http://nginx.org/
Hello Axel & Maxim,
I have modified the apache log format as below
LogFormat “%{X-Forwarded-For}i %l %u %t “%r” %>s %b “%{Referer}i”
“%{User-Agent}i”” common
and get the source IP at /var/log/apache/access.log
I wonder if I there is any scope to add more info in the common log as
it
is a production server. And also need the same for ErrorLog too.
Any suggestion ?
Thanks
Even IP get logged when disable the rpaf !!!
little confused.
On Mon, Apr 28, 2014 at 7:36 PM, Joydeep Bakshi <
Hello,
are there any advantages of using mod_rpaf instead of using and logging
x-forward-for headers?
regards, Axel
You only need one.
If you use mod_rpaf you have need to configure it like Maxim told you.
If you change your common logformat to log x-forwarded-for headers you
don’t need mod_rpaf
regards, Axel
Might be missing this, from an old Apache config:
Configuration for mod_rpaf
RPAFenable On
RPAFproxy_ips 192.168.2.123
# RPAFsethostname host.your.domain
# End of mod_rpaf.
Posted at Nginx Forum:
Hello!
On Mon, Apr 28, 2014 at 07:43:49PM +0530, Joydeep Bakshi wrote:
Even IP get logged when disable the rpaf !!!
little confused.
Please read mod_rpaf documentation for further reference, I’ve
already provided a link. It’s really not related to nginx and
offtopic here.
Thank you for cooperation.
Thanks
Here is a nginx vhost section for passing IP to apache log
http://www.stderr.net/apache/rpaf/
nginx mailing list
[email protected]
nginx Info Page
–
Maxim D.
http://nginx.org/
Hello list,
Thanks a lot. After following your suggestions and the link Maxim
shared, I
have compiled the module in my server
as well as put the required configuration at httpd.conf. Now the WAN IP
appears at access.log of apache.
BTW: the error log still comes with local IP, any way to get remote IP
in
this log ?
Once again many thanks to you all.