functionality like in mod_rpaf?

[ts77]

Hey folks,

I'm thinking of adding a proxying load-balancer in front of my servers.
Unfortunately the backend-lsws servers would only see and log the remote_ip of the proxy-server.
For apache there is mod_rpaf ( http://stderr.net/apache/rpaf/ ) which adds back the latest x_forwarded_for header as remote-ip which would allow sane logging and other actions done on the remote-ip.

Is there any feature like that in lsws?
Would you think it worthwhile to add?


thanks,

thomas

 

[mistwang]

This is a new feature available in 3.0 Enterprise, x-forwarded-for header will be used as remote ip in access log if "Use Client IP in Header" is set to yes.

 

[ts77]

sounds good that this feature is available but darn that I'd need a second enterprise license for that .
thanks for the info though.

 

[jackc]

so this feature only log the the client's real ip, what about the other functions like php scripts, do they see the real ip as well? mod_rpaf makes everything sees the real ip.

 

[mistwang]

The real IP will be used everywhere once this feature is enabled.

 

[jackc]

If the client is behind multiple transparent proxies with x-forwarded-for header, does lsws still able to see the real IP? Is this feature only available in Enterprise version?

 

[mistwang]

Answer to both of your question is yes.
The real IP should be the first IP in the x-forwarded-for header, as long as all proxies keep the real IP that way in the header, LSWS will use the real IP.

 

[jackc]

Thanks for your reply!!!