1. 技术文章
  2. Varnish Client IP not logging in Apache Logs

Varnish Client IP not logging in Apache Logs

谁说我不能喝 提交于 2019-11-29 15:20:02

问题


I've configured Varnish 3 with Apache and it is running perfectly alright. However i'm unable to get the Client ip logged in Apache logs. I tried a few solutions googling around with no luck. Right now my Apache access log file is logging the server IP instead of client IP addresses.

Here are my configurations for your kind consideration:

Varnish VCL: (/etc/varnish/default.vlc): http://pastebin.com/PuBqZ6fx

Apache Config

/etc/httpd/conf/httpd.conf

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined

Apache Virtual Host

...... Other Stuff ..... ErrorLog logs/fr-error-log CustomLog logs/fr-custom-log varnishcombined ...... Other Stuff .....

Note: Varnish Version installed is varnish-3.0.2-1.el5.x86_64

Thanks. Raheel


回答1:


I think you've had a working config in your pastebin example, this should actually do the trick:

if (req.restarts == 0) {
  if (req.http.X-Forwarded-For) {
    set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
  } else {
    set req.http.X-Forwarded-For = client.ip;
  }
}

In your vcl_recv{}.




回答2:


As the OP mentioned in the comments, the solution is an Apache module. Varnish adds the X-Forwarded-For header by default.

Then an apache module like mod_rpaf (Apache 2.2) or mod_remoteip (Apache 2.4) will set the remote_ip value to the one passed in by the X-Forwarded-For header.

This provides a far more robust solution than simply logging the value of the X-Forwarded-For header into your apache logs. For example, it allows you to access the same site on 2 IPs, via Varnish or directly, and the site functions as you'd expect and is logged correctly.




回答3:


Add this line to your vcl

sub vcl_recv {
  # Add a unique header containing the client address
  remove req.http.X-Forwarded-For;
  set    req.http.X-Forwarded-For = client.ip;

}

Then change the logformat of apache

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined

And now in your Virtualhost

<VirtualHost *:8080>
  ServerName www.abc.com

  CustomLog /var/log/httpd/www.abc.com/access.log varnishcombined

</VirtualHost>


来源:https://stackoverflow.com/questions/10024877/varnish-client-ip-not-logging-in-apache-logs

标签
varnish
varnish-vcl
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!