<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
Hello,<br>
<br>
Please, I'm trying to use http_realip_module
(<a class="moz-txt-link-freetext" href="http://wiki.nginx.org/NginxHttpRealIpModule#real_ip_header">http://wiki.nginx.org/NginxHttpRealIpModule#real_ip_header</a>) to get
the X-Forwarded-For IP in my .php, but I'm suspecting something is
wrong, because that looks like it should work.<br>
<br>
My setup is:<br>
<br>
LB > Varnish FE network pool (10.110.0.0/22) > Varnish BE -
same server, another iface - (10.214.0.0/22) > LB 10.214.0.0/22
> nginx BE pool 10.214.0.0/22<br>
<br>
When I set:<br>
<br>
<font face="Courier New, Courier, monospace"> location ~
\.php$ {<br>
fastcgi_pass 127.0.0.1:9000;<br>
fastcgi_index index.php;<br>
include fastcgi_params;<br>
fastcgi_param SCRIPT_FILENAME
/net/nfs_parceiros_1/ftorres.com.br$fastcgi_script_name;<br>
}</font><br>
<br>
<br>
I get these values from my simple php test page:<br>
<br>
<font face="Courier New, Courier, monospace"><?php<br>
echo '<table border="1">';<br>
<br>
foreach($_SERVER as $k => $v) {<br>
echo
'<tr><td>'.$k.'</td><td>'.$v.'</td></tr>';<br>
}<br>
echo '</table>';<br>
?></font><br>
<br>
<br>
<br>
<font face="Courier New, Courier, monospace">SERVER_SOFTWARE
nginx/0.8.53<br>
REMOTE_ADDR 10.214.3.250<br>
SERVER_ADDR 10.214.0.56<br>
HTTP_X_FORWARDED_FOR 10.214.0.47</font><br>
<br>
<br>
When I set: <br>
<br>
<font face="Courier New, Courier, monospace"> location ~
\.php$ {<br>
<br>
set_real_ip_from 10.214.0.0/22;<br>
#set_real_ip_from 10.110.0.0/22;<br>
real_ip_header X-Forwarded-For;<br>
fastcgi_pass 127.0.0.1:9000;<br>
fastcgi_index index.php;<br>
include fastcgi_params;<br>
fastcgi_param SCRIPT_FILENAME
/net/nfs_parceiros_1/ftorres.com.br$fastcgi_script_name;<br>
}</font><br>
<br>
I get:<br>
<br>
<font face="Courier New, Courier, monospace">REMOTE_ADDR
10.110.3.250<br>
SERVER_ADDR 10.214.0.56<br>
HTTP_X_FORWARDED_FOR 10.214.0.48</font><br>
<br>
<br>
Oops, now I can see 10.110.0.0/22 (my front end network), but
nothing about my x-forwarded-for, now I fixed it and add the FE
network :<br>
<br>
<font face="Courier New, Courier, monospace"> location ~
\.php$ {<br>
<br>
add_header X-Fw-For $proxy_add_x_forwarded_for;<br>
set_real_ip_from 10.214.0.0/22;<br>
set_real_ip_from 10.110.0.0/22;<br>
real_ip_header X-Forwarded-For;<br>
fastcgi_pass 127.0.0.1:9000;<br>
fastcgi_index index.php;<br>
include fastcgi_params;<br>
fastcgi_param SCRIPT_FILENAME
/net/nfs_parceiros_1/ftorres.com.br$fastcgi_script_name;<br>
}</font><br>
<br>
<br>
<br>
Then, I get:<br>
<br>
<font face="Courier New, Courier, monospace">REMOTE_ADDR
10.110.3.250<br>
SERVER_ADDR 10.214.0.56<br>
HTTP_X_FORWARDED_FOR 10.214.0.46</font><br>
<br>
<br>
Any of these configurations shown the X-forwarded-for at remote_addr
field, and the x-fw-for Header its working:<br>
<br>
<font face="Courier New, Courier, monospace">HTTP/1.1 200 OK<br>
Server: nginx<br>
Date: Fri, 10 Jun 2011 23:27:19 GMT<br>
Content-Type: text/html<br>
Connection: keep-alive<br>
<b>X-Fw-For: 200.226.123.253, 10.110.3.250, 10.110.3.250</b></font><br>
<br>
<br>
I fixed it adding the following configuration at fastcgi_param file:<br>
<font face="Courier New, Courier, monospace"><br>
set $addr $remote_addr;<br>
if ($proxy_add_x_forwarded_for ~
"^(?:^|,)\s*(\d+\.\d+\.\d+\.\d+)\s*") {<br>
set $addr $1;<br>
}</font><br>
<br>
<font face="Courier New, Courier, monospace">fastcgi_param
HTTP_X_FORWARDED_FOR $addr;</font><br>
<br>
So Please, I'd like to know if http_realip_module is doing the job
as it should or if these fixed issue should be ok for what I'm
trying do do.<br>
<br>
Thanks and sorry about my english<br>
<br>
<br>
</body>
</html>