All geek questions in one place

IP varnish client not logged in Apache logs

I configured Varnish 3 with Apache and it works fine. However, I cannot get the ip client to log into Apache logs. I tried several search solutions without any success. Right now, my Apache access log file is registering the server IP address instead of the client IP addresses.

Here are my settings for your kind:

Varnish VCL: (/etc/varnish/default.vlc): http://pastebin.com/PuBqZ6fx

Apache configuration

/etc/httpd/conf/httpd.conf

LogFormat "% {X-Forwarded-For} i% l% u% t \"% r \ "%> s% b \"% {Referer} i \ "\"% {User-Agent} i \ "" varnishcombined

Apache virtual host

...... Other things ..... ErrorLog / fr-error-log logs CustomLog / fr-custom-log logs varnishcombined ...... Other things .....

Note. The installed version of Varnish is Lac-3.0.2-1.el5.x86_64

Thanks. Rachel

+6
source share
3 answers

I think you had a working configuration in your pastoein example, this really should do the trick:

if (req.restarts == 0) { if (req.http.X-Forwarded-For) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } }

In vcl_recv {}.

+12
source

As pointed out in the comments on the OP, the solution is an Apache module. Varnish by default adds an X-Forwarded-For header.

Then the apache module, for example mod_rpaf (Apache 2.2) or mod_remoteip (Apache 2.4), will set the remote_ip parameter to the value specified in the X-Forwarded-For header.

This provides a much more robust solution than just logging the value of the X-Forwarded-For header in your apache logs. For example, it allows you to access the same site on two IP addresses, via Varnish or directly, and the site functions as you expected and is correctly registered.

+10
source

Add this line to your vcl

 sub vcl_recv { # Add a unique header containing the client address remove req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip; }

Then change logformat apache

 LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined

And now in your virtualhost

 <VirtualHost *:8080> ServerName www.abc.com CustomLog /var/log/httpd/www.abc.com/access.log varnishcombined </VirtualHost>
+9
source

Source: https://habr.com/ru/post/912465/

More articles:


All Articles