Closed peace4j closed 1 month ago
https://github.com/fatedier/frp?tab=readme-ov-file#get-real-ip
Thanks a lot. But it's not what I need.
As I mentioned above, I want to get the real ip from TCP client, NOT from HTTP client. It's a TCP application, NOT a HTTP application. And I run my frpc in a docker container.
@fatedier
https://github.com/fatedier/frp?tab=readme-ov-file#get-real-ip
Thanks a lot. But it's not what I need.
As I mentioned above, I want to get the real ip from TCP client, NOT from HTTP client. It's a TCP application, NOT a HTTP application. And I run my frpc in a docker container.
@fatedier
你的 TCP 客户端 需要实现 Proxy Protocol
https://github.com/fatedier/frp?tab=readme-ov-file#get-real-ip
Thanks a lot. But it's not what I need. As I mentioned above, I want to get the real ip from TCP client, NOT from HTTP client. It's a TCP application, NOT a HTTP application. And I run my frpc in a docker container. @fatedier
你的 TCP 客户端 需要实现
Proxy Protocol
谢谢回复。
1、没有看到有配置参考案例,您有的话,发一个给看看 2、你说的是tcp客户端,还是frpc客户端?如果是tcp客户端,那么这个说法就有点不太make sense了。要知道这个功能本来就是要防止客户端隐匿自己的IP,现在居然要求它支持proxy protocol才能知道它真实IP,想想这些客户端们得多高兴。举个反例,试想下,用所谓的不支持Proxy Protocol的客户端去访问支持Proxy Protocol的Nginx、或者各种其他支持Proxy Protocol的反向代理后面的Nginx,你看这个故意不支持Proxy protocol的客户端能不能成功把自己IP藏起来。
https://github.com/fatedier/frp?tab=readme-ov-file#get-real-ip
Thanks a lot. But it's not what I need. As I mentioned above, I want to get the real ip from TCP client, NOT from HTTP client. It's a TCP application, NOT a HTTP application. And I run my frpc in a docker container. @fatedier
你的 TCP 客户端 需要实现
Proxy Protocol
谢谢回复。
1、没有看到有配置参考案例,您有的话,发一个给看看 2、你说的是tcp客户端,还是frpc客户端?如果是tcp客户端,那么这个说法就有点不太make sense了。要知道这个功能本来就是要防止客户端隐匿自己的IP,现在居然要求它支持proxy protocol才能知道它真实IP,想想这些客户端们得多高兴。举个反例,试想下,用所谓的不支持Proxy Protocol的客户端去访问支持Proxy Protocol的Nginx、或者各种其他支持Proxy Protocol的反向代理后面的Nginx,你看这个故意不支持Proxy protocol的客户端能不能成功把自己IP藏起来。
抱歉...我错过了一些信息。
需要 sshd 实现 Proxy Protocol
与 frpc 相互配合
https://github.com/fatedier/frp?tab=readme-ov-file#get-real-ip
Thanks a lot. But it's not what I need. As I mentioned above, I want to get the real ip from TCP client, NOT from HTTP client. It's a TCP application, NOT a HTTP application. And I run my frpc in a docker container. @fatedier
你的 TCP 客户端 需要实现
Proxy Protocol
谢谢回复。 1、没有看到有配置参考案例,您有的话,发一个给看看 2、你说的是tcp客户端,还是frpc客户端?如果是tcp客户端,那么这个说法就有点不太make sense了。要知道这个功能本来就是要防止客户端隐匿自己的IP,现在居然要求它支持proxy protocol才能知道它真实IP,想想这些客户端们得多高兴。举个反例,试想下,用所谓的不支持Proxy Protocol的客户端去访问支持Proxy Protocol的Nginx、或者各种其他支持Proxy Protocol的反向代理后面的Nginx,你看这个故意不支持Proxy protocol的客户端能不能成功把自己IP藏起来。
抱歉...我错过了一些信息。 需要 sshd 实现
Proxy Protocol
与 frpc 相互配合
嗯嗯,这个说法成立。我查查看SSHD有无这类支持。 谢谢
In fact, I also would like to know whether the FRPS server-side log files can be configured to record the IP address of each client connections. At the same time, to check which IP is occupying each port of the frps
Issues go stale after 21d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.
Bug Description
Actually it's not a bug, it's a discussion. But since no place to discuss it, I have to post it here. Sorry for that. I just can't get the real IP from client side when I deploy my services behind frp TCP proxies running in a docker container, both FRPS and FRPC. Let me describe it clearly below.
On the service side in my LAN, it's a host server runs many docker containers. Of course, I devided each service into individual container. In them, there is a frpc service running in one of them. I use this frpc to expose my ssh service to public network on frps, on which the exposed port is 31818. ( I disabled password login on the SSHD so that only authorized users can login through port 31818 with certificated private key)
Even I know it's safe now for my SSHD, but as you know there are still many illegal break-in tries everyday and everytime happen on port 31818. They all left foot marks in /var/log/secure, such as below:
And in the log file of frps side, you will look :
The IP 172.18.0.2 is the address of the frpc container. It means sshd gets no real ip of the client side but only the ip address of the frpc container. The IP 108.179.aaa.143 and 87.107.aaa.59 are address of connection users, nothing can identify the visitions are legal or illegal.
Anybody knows how to get the real ip from client side, please let me know. I'll be appriciate.
All the best.
frpc Version
0.54.0
frps Version
0.54.0
System Architecture
linux/amd64 docker
Configurations
normally configuration. no special
Logs
No response
Steps to reproduce
...
Affected area