Forum: NGINX mod_rpaf enabled; still apache log showing 127.0.0.1 as source!

3f3ac66afcf2830905f13da6c93adb5e?d=identicon&s=25 Joydeep Bakshi (Guest)
on 2014-04-28 15:34
(Received via mailing list)
Hello list,

To get the wan IP in apache log I have already enabl mod_rapf in
opensude
server.

# a2enmod rpaf mod_rpaf
"rpaf" already present

 a2enmod  mod_rpaf
"mod_rpaf" already present

Here is a nginx vhost section for passing IP to apache log

[......]
  proxy_redirect off; # Do not redirect this proxy - It needs to be
pass-through
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Server-Address $server_addr;
  proxy_pass_header Set-Cookie;
[......]

After restarting both apache and nginx, the apache log for that specific
vhost still showing 127.0.0.1 as source IP at apache log.

Am I missing something ?

Thanks
28802c1455ba9b8b14838c2934410448?d=identicon&s=25 Axel (Guest)
on 2014-04-28 15:47
(Received via mailing list)
have you configured apache to log x-forward-for instead of your host
header?

regards, axel
A8108a0961c6087c43cda32c8616dcba?d=identicon&s=25 Maxim Dounin (Guest)
on 2014-04-28 15:56
(Received via mailing list)
Hello!

On Mon, Apr 28, 2014 at 07:03:28PM +0530, Joydeep Bakshi wrote:

>
> [......]
>
> After restarting both apache and nginx, the apache log for that specific
> vhost still showing 127.0.0.1 as source IP at apache log.
>
> Am I missing something ?

Most notably, you've missed configuration of mod_rpaf.  It needs
to be enabled in configuration, and you have to at least configure
IP address it will accept headers from, as well as a header to
look into.

http://www.stderr.net/apache/rpaf/

--
Maxim Dounin
http://nginx.org/
28802c1455ba9b8b14838c2934410448?d=identicon&s=25 Axel (Guest)
on 2014-04-28 16:03
(Received via mailing list)
Hello,
are there any advantages of using mod_rpaf instead of using and logging
x-forward-for headers?

regards, Axel
3f3ac66afcf2830905f13da6c93adb5e?d=identicon&s=25 Joydeep Bakshi (Guest)
on 2014-04-28 16:06
(Received via mailing list)
Hello Axel & Maxim,

I have modified the apache log format as below

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" common

and get the source IP at /var/log/apache/access.log

I wonder if I there is any scope to add more info in the common log as
it
is a production server. And also need the same for ErrorLog too.

Any suggestion ?

Thanks
3f3ac66afcf2830905f13da6c93adb5e?d=identicon&s=25 Joydeep Bakshi (Guest)
on 2014-04-28 16:14
(Received via mailing list)
Even IP get logged when disable the rpaf !!!
little confused.




On Mon, Apr 28, 2014 at 7:36 PM, Joydeep Bakshi <
28802c1455ba9b8b14838c2934410448?d=identicon&s=25 Axel (Guest)
on 2014-04-28 16:43
(Received via mailing list)
You only need one.

If you use mod_rpaf you have need to configure it like Maxim told you.
If you change your common logformat to log x-forwarded-for headers you
don't need mod_rpaf

regards, Axel
A8108a0961c6087c43cda32c8616dcba?d=identicon&s=25 Maxim Dounin (Guest)
on 2014-04-28 16:46
(Received via mailing list)
Hello!

On Mon, Apr 28, 2014 at 07:43:49PM +0530, Joydeep Bakshi wrote:

> Even IP get logged when disable the rpaf !!!
> little confused.

Please read mod_rpaf documentation for further reference, I've
already provided a link.  It's really not related to nginx and
offtopic here.

Thank you for cooperation.

> >
> > Thanks
> >> >
> >> > Here is a nginx vhost section for passing IP to apache log
> >> >
> >> http://www.stderr.net/apache/rpaf/
> >
> >

> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


--
Maxim Dounin
http://nginx.org/
2974d09ac2541e892966b762aad84943?d=identicon&s=25 itpp2012 (Guest)
on 2014-04-28 17:53
(Received via mailing list)
Might be missing this, from an old Apache config:

# Configuration for mod_rpaf
<IfModule mod_rpaf.c>
    RPAFenable On
    RPAFproxy_ips 192.168.2.123
    # RPAFsethostname host.your.domain
</IfModule>
# End of mod_rpaf.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,249698,249710#msg-249710
3f3ac66afcf2830905f13da6c93adb5e?d=identicon&s=25 Joydeep Bakshi (Guest)
on 2014-04-29 08:59
(Received via mailing list)
Hello list,

Thanks a lot. After following your suggestions and the link Maxim
shared, I
have compiled the module in my server
as well as put the required configuration at httpd.conf. Now the WAN IP
appears at access.log of apache.

BTW: the error log still comes with local IP, any way to get remote IP
in
this log ?

Once again many thanks to you all.
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.