search

perusio / drupal-with-nginx

Running Drupal using nginx: an idiosyncratically crafted bleeding edge configuration.
855 stars 246 forks source link

Drupal 7 set_real_ip_from value #271

Closed ykyuen closed 7 years ago

ykyuen commented 7 years ago

First of all, Thanks for sharing these helpful config files. =)

I have a varnish sits in front of the nginx and i want to print the real client ip in the access log. In the current nginx.conf, the real ip settings is:

set_real_ip_from 0.0.0.0/32; # all addresses get a real IP.
real_ip_header X-Forwarded-For; # the ip is forwarded from the load balancer/proxy

I have also added the set req.http.X-Forwarded-For = client.ip; in my varnish config. but the access.log is still showing the varnish ip but not the client ip.

But after i hv changed the set_real_ip_from to the following value:

set_real_ip_from 0.0.0.0/0; # all addresses get a real IP.
real_ip_header X-Forwarded-For; # the ip is forwarded from the load balancer/proxy

Then i could get the client ip in the access log. So the value should be 0.0.0.0/0?

IslandUsurper commented 7 years ago

set_real_ip should be the IPs of any reverse proxies, like Varnish, that connect to nginx. But 0.0.0.0/0 will work because it matches every IP address.

In contrast, 0.0.0.0/32 only matches the IP 0.0.0.0, which nothing will actually have, so nginx wouldn't get the real IP from the header.

This is called CIDR notation, and the larger the number after the /, the fewer IP addresses will match.

ykyuen commented 7 years ago

I got it. Thanks. =D