varnish forward client IP-address to backend

apache-2.2 varnish debian-squeeze
6,038

Ok, I will answer my own question to help people who may have the same problem:

First add the following lines into varnish configuration file (default.vcl)

sub vcl_recv {
   if (req.http.host == "myDomain.net") {
       set req.http.host = "myDomain.net";
       set req.backend = myBackend;
       # Compatiblity with Apache log
       remove req.http.X-Forwarded-For;
       set req.http.X-Forwarded-For = client.ip;
       # No cache for POST requests
       if (req.request == "POST") {
           return(pipe);
       }   
       return(lookup);
   }
}

Then add personalized logs format for apache while configuring your vhost

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined
 ...
 CustomLog      ${APACHE_LOG_DIR}/access.log varnishcombined

That's it!

Share:
6,038

Related videos on Youtube

philippe
Author by

philippe

Something about Myself

Updated on September 18, 2022

Comments

  • philippe
    philippe over 1 year

    I have set up varnish as a proxy to redirect HTTP-request to backend-servers running apache. I would like to have the clients IP-addresses in my apache logs instead of the varnish server IP-address. Here is my varnish configuration file:

    backend $my_backend {
    .host = "192.168.0.103";
    .port = "80";
}
sub vcl_recv {
} else if (req.http.host == "$my_domain_name") {
    set req.backend = $my_backend;
    if (req.request == "POST") {
        if (req.http.X-Forwarded-For) {
          set req.http.X-Real-Forwarded-For = req.http.X-Forwarded-For ", " regsub(client.ip, ":.*", "");
          unset req.http.X-Forwarded-For;
       } else {
          # Simply use the client IP
          set req.http.X-Real-Forwarded-For = regsub(client.ip, ":.*", "");
       }
        return(pipe);
    }
    return(lookup);
}
}

    On the backend apache config file I have this

    RPAFenable On
RPAFsethostname On
RPAFproxy_ips $varnish_proxy_ip
RPAFheader X-Real-IP

    The problem is that the instruction RPAFheader is not recognized on Debian6:

    root@$hostname:~# apache2ctl configtest
Invalid command 'RPAFheader', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.
The Apache error log may have more information.
root@$hostname:~#

    Have anyone set up mod_rpaf on debian to give me a hand on this troublemod_rpaf

    Thank you very much for your help!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I set up Varnish to cache only static content?
I keep getting Varnish Guru Mediation 503 errors despite setting timeouts
Update Apache2 to 2.4 on Debian 6
Prevent users to access to website using port 8080 (apache) when using Varnish (on port 80)
Python version mismatch, expected '2.6.5+', found '2.6.6'
How to automatically re-start apache if it stops responding and socket is still in use
Why is Varnish not caching?
How to disable Varnish
How can I synchronize 2 web server files with load balance?
Varnish 3.0.2 to Apache2 sometimes return error 503