Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
kerberos2013-06-12 19:24:53
Nginx
kerberos, 2013-06-12 19:24:53

Empty variable $proxy_add_x_forwarded_for, nginx 1.2.3

I configure nginx/1.2.3 (debian 6.0.5) as a reverse proxy to tomcat, the config is as follows:

upstream tomcat {
    server 127.0.0.1:8080;
}

server {
    listen   *:80; ## listen for ipv4

    sendfile on;
    charset utf-8;

    server_name  test.ru www.test.ru;

    access_log  /var/log/nginx/test.ru.access.log;
    error_log  /var/log/nginx/test.ru.error.log;

    root /var/www/test.ru/htdocs;

    location / {
            proxy_pass http://tomcat;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Real-IP $remote_addr;
    }
}


In the jsp page, I display all the headers and their values:

......
x-real-ip	92.47.ххх.ххх
connection	close
cache-control	max-age=0
......


Those. x-real-ip is passed, but X-Forwarded-For is not. What can be wrong?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
K
kerberos, 2013-06-14
@kerberos

In general, I solved the problem, you need to write the following in the tomcat in server.xml (it worked after adding the requestAttributesEnabled="true" attribute to AccessLogValve):

<Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">
    ...
    <Valve className="org.apache.catalina.valves.RemoteIpValve"
           remoteIpHeader="X-Forwarded-For"
           requestAttributesEnabled="true"
           internalProxies="127.0.0.1"  />

    <Valve className="org.apache.catalina.valves.AccessLogValve"
           directory="logs"
           prefix="localhost_access_log."
           suffix=".log"
           requestAttributesEnabled="true"
           pattern="%h %l %u %t "%r" %s %b" />
    ...
</Host>

Report
V
VBart, 2013-06-14
@VBart

Why did you decide that the variable is empty and the header is not passed? Look at the same tcpdump, most likely everything is transmitted, just tomcat processes this header as it sees fit.

Report
S
script88, 2013-06-13
@script88

We go to the off documentation nginx.org/ru/docs/http/ngx_http_proxy_module.html and at the very bottom we read:
$proxy_add_x_forwarded_for

поле заголовка запроса клиента “X-Forwarded-For” и добавленная к нему через запятую переменная $remote_addr. Если же поля “X-Forwarded-For” в заголовке запроса клиента нет, то переменная $proxy_add_x_forwarded_for равна переменной $remote_addr.

Report
K
kerberos, 2013-06-13
@kerberos

mod_rpaf? What does mod_rpaf have to do with it (a quick google shows that this is a module for apache, I have apache tomcat )

Similar questions
T
Twelfth Doctor2017-09-27 19:30:14
What is the correct approach to edit configs? 3Reply
A
Alex2017-10-02 14:08:44
How to disable access in NGINX to all non-existent third-level domains on the site via SSL (port 443)? 5Reply
A
Anton2020-02-20 15:06:50
How to configure VPS to bypass RKN in requests to Telegram api? 1Reply
G
Grabonovich2020-02-20 21:31:46
Where did the /var/www directory go? 1Reply
A
azkaban4ik2017-10-04 13:02:28
How to make player views statistics? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question