ServerIron 4G-SSL and Apache Client-IP logging configuration

On load balancers:

csw-rule "r1" url prefix "html"

csw-policy "redirect"

match "r1" forward 1218

match "r1" rewrite request-insert client-ip

default forward 1

default rewrite request-insert client-ip

server real webserver1 192.168.1.10

port http url "HEAD /"

port http server-id 1218

port http group-id 1 1

server real webserver2 192.168.1.20

port http url "HEAD /"

port http server-id 1211

port http group-id 1 1

server virtual webtest1 192.168.1.50

port http cookie-name "ServerID"

port http csw-policy "redirect"

port http request-insert client-ip "X-Forwarded-For"

In apache httpd.conf:

Change From: LogFormat “%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined

To:

LogFormat ""%{X-Forwarded-For}i" %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined

Then Restart apache2 services

4 comments:

Click SSL said...
This comment has been removed by the author.
insectum said...

Hi,

I am having difficulties setting up same scenario with SSL.
Is it possible to set up foundry to provide client ip in case of an SSL connection?

thank you
Peter

Paul V said...

In this particular case it was SSL but SSL was terminated at the Foundry and the back end was straight http. I no longer use the Foundry so cannot test the scenario where SSL is being used all the way through to the back end app or web servers.

insectum said...

Thank you very much for the comment.
I set up everything, ssl-termination working fine but i am not able to rewrite the header somehow. If i do it is not working. I will going to play with it further.