Nginx real_ip_recursive

ianjoneill nginx-forum at nginx.us
Mon Sep 15 13:41:21 UTC 2014


Thanks for your reply.

If I uncomment that line, the X-Forwarded-For header contains all of the IP
addresses, as shown below:

$ sudo /usr/sbin/tcpdump -i lo -A -s 0 'tcp port 8080 and (
((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
14:37:24.303617 IP localhost.50999 > localhost.8080: Flags [P.], seq
717883991:7
17884206, ack 1454594695, win 4099, options [nop,nop,TS val 2599031 ecr
2599030]
, length 215
E...."@. at ............7".*.
WV.Z............
.'.w.'.vHEAD / HTTP/1.0
Host: localhost
X-Real-IP: 10.0.2.2
X-Forwarded-For: 1.1.1.1, 2.2.2.2, 10.0.2.2
Connection: close
User-Agent: curl/7.30.0
Accept: */*

i.e. I am getting the spoofed addresses and the real one. As I understood
it, I should only get the real ip, i.e. 10.0.2.2.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,253247,253250#msg-253250



More information about the nginx mailing list