Am 24.01.2013 21:02, schrieb Stefan Fritsch: >> 10.0.0.103 - - [23/Jan/2013:17:01:53 +0100] "GET >> /images/page/tidy_16.gif HTTP/1.1" 304 - >> "http://www.test.rh:8080/" "Mozilla/5.0 (X11; Linux x86_64; >> rv:18.0) Gecko/20100101 Firefox/18.0" (-%) > > > The problem seems to be ap_get_remote_host() which is used by the %h > used in the default access log format. But resolving an IP address > that came via X-Forwarded-For does not make any sense anyway, because > the server's view of DNS may be different than the proxy's view
if there is a different view it makes the behavior more worse example: * httpd is running in a LAN, no public access and has 10.0.0.6 * trafficserver is running on a public IP * trafficserver connects with a second NIC to the httpd-backend you do not want in such cases your private IP's anywhere because X-Forwarded-For is the only place where you see a non LAN-address and from the view of the application you are interested in the public IP * usages / geoip * scripts which behave differently for trusted LAN-addresses
signature.asc
Description: OpenPGP digital signature