Support

ts77 · #1 03-31-2007, 04:26 AM

Hey folks,

I'm thinking of adding a proxying load-balancer in front of my servers.
Unfortunately the backend-lsws servers would only see and log the remote_ip of the proxy-server.
For apache there is mod_rpaf ( http://stderr.net/apache/rpaf/ ) which adds back the latest x_forwarded_for header as remote-ip which would allow sane logging and other actions done on the remote-ip.

Is there any feature like that in lsws?
Would you think it worthwhile to add?

thanks,

thomas

mistwang · #2 03-31-2007, 06:41 AM

This is a new feature available in 3.0 Enterprise, x-forwarded-for header will be used as remote ip in access log if "Use Client IP in Header" is set to yes.

ts77 · #3 03-31-2007, 06:59 AM

sounds good that this feature is available but darn that I'd need a second enterprise license for that

.
thanks for the info though.

jackc · #4 05-19-2007, 03:21 PM

so this feature only log the the client's real ip, what about the other functions like php scripts, do they see the real ip as well? mod_rpaf makes everything sees the real ip.

mistwang · #5 05-19-2007, 04:07 PM

The real IP will be used everywhere once this feature is enabled.

jackc · #6 05-19-2007, 05:37 PM

If the client is behind multiple transparent proxies with x-forwarded-for header, does lsws still able to see the real IP? Is this feature only available in Enterprise version?

mistwang · #7 05-19-2007, 05:44 PM

Answer to both of your question is yes.
The real IP should be the first IP in the x-forwarded-for header, as long as all proxies keep the real IP that way in the header, LSWS will use the real IP.

jackc · #8 05-20-2007, 12:02 AM

Thanks for your reply!!!