x-real-ip issue

Richard Stanway r1ch+nginx at teamliquid.net
Mon Aug 28 20:27:28 UTC 2017


You're connecting to localhost (127.0.0.1) and your set_real_ip_from only
accepts X-Forwarded-For from 172.0.0.0/8.

On Mon, Aug 28, 2017 at 8:25 PM, CJ Ess <zxcvbn4038 at gmail.com> wrote:

> I've been struggling all day with this, I'm missing something, hoping
> someone can point out what I'm doing wrong w/ the realip module:
>
> nginx.conf:
> ...
>   log_format xyz '$remote_addr - $remote_user [$time_iso8601] '
>                     '"$request" $status $body_bytes_sent '
>                     '"$http_referer" "$http_user_agent"
> "$http_x_forwarded_for" $http_x_real_ip';
>
>   access_log  /var/log/nginx/access.log xyz;
> ...
>   real_ip_header X-Forwarded-For;
>   real_ip_recursive on;
>   set_real_ip_from 172.0.0.0/8;
> ...
>
>
> Test command I'm running:
> curl -v -v -v -H "Host: www.test.com" -H "X-Forwarded-For: 9.1.2.3,
> 172.16.9.92" http://127.0.0.1/cheese
>
>
> What I see in the error log:
> 127.0.0.1 - - [2017-08-28T14:20:38-04:00] "GET /cheese HTTP/1.1" 502 166
> "-" "curl/7.29.0" "9.1.2.3, 172.16.9.92" -
>
>
> I'm expecting that either $remote_addr or $http_x_real_ip be 9.1.2.3, but
> the former is 127.0.0.1 and the latter is null.
>
> I've tried two versions of Nginx including the latest, so pretty sure its
> an issue with my config. The config test is successful, no errors in the
> error log (level debug), the 502 status code is expected and shouldn't
> impact the realip module.
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170828/6032354f/attachment.html>


More information about the nginx mailing list