HideProxy
Emperor
5 March 2016, 23:46
Hello!
I am setting up Hiawatha on HostA to reverse proxy to HostB. On HostB, I enabled "HideProxy = 12.34.56.78" where 12.34.56.78 is the IP address of HostA. But in the access.log on HostA (with "LogFormat = extended"), I am not seeing the IP address of the real client. Rather, I am seeing the IP address of HostA. Is this expected? How do I expose the IP address of the real client to be logged in access.log? With "LogFormat = hiawatha", I can see the IP address of the real client in X-Forwarded-For and Forwarded-For. Can anyone please help?
Thanks a lot!
Emperor
5 March 2016, 23:51
Just to clarify, Hiawatha is running on both HostA and HostB.
Emperor
6 March 2016, 00:02
Also, this is HTTPS. Does that make a difference?
Hugo Leisink
7 March 2016, 20:24
Is the interface with IP address 12.34.56.78 the only interface at HostA?
Emperor
8 March 2016, 09:49
Hugo,
Yes, 12.34.56.78 is the only IPv4 interface on HostA. I don't know if it may be relevant, but on HostB, Hiawatha is binding only to 87.65.43.21.
Thanks a lot!
Emperor
12 March 2016, 19:42
Hugo,
I tried by setting up 2 other freshly installed Debian (jessie) machines, with freshly compiled Hiawatha 10.1 on both machines, to just serve a simple static index.html, but the result is the same. HideProxy is not working.
Hugo Leisink
13 March 2016, 18:42
I found a bug. Edit src/http.c and change lines 848 and 849 to:
while ((forwarded = strcasestr(forwarded, "for=")) != NULL) {
begin = forwarded + 4;
Emperor
14 March 2016, 12:22
Hugo,
Thanks a lot for the info. Will you be committing this change to Git and I can then pick up the changes from there?
Thanks again!
Hugo Leisink
15 March 2016, 00:19
No, I only use GitHub to dump final release code. Also, a manual fix in this case is also faster.
Emperor
15 March 2016, 07:35
Hugo,
It appears that the fix should be in lines 845 and 846, based on the code currently in Github. Is that correct? Thanks!
Hugo Leisink
15 March 2016, 07:48
I see that GitHub still has the v10.0 code. The lines I mentioned are for v10.1. Depending on what version you use, it should be somewhere around those line numbers. Just look for the two matching lines.
Emperor
15 March 2016, 08:29
Hugo,
Ah, I see the difference between the Github version and the 10.1 tar.gz package. I have also verified that the changes fix the problem. Thanks again!
This topic has been closed.