On Fri, Mar 24, 2017 at 06:10:33PM +0100, Hiltjo Posthuma wrote:
> Hey,
>
> I think there is a typo in relayd.conf(5).
>
> X-Forwarded-By should be the server $SERVER_ADDR instead of the client
> $REMOTE_ADDR.
>
> X-Forwarded-For is the client (correct).
>
> diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5
> index 8bed93efa1f..5f3eb0b2f9a 100644
> --- a/usr.sbin/relayd/relayd.conf.5
> +++ b/usr.sbin/relayd/relayd.conf.5
> @@ -1470,7 +1470,7 @@ http protocol "https" {
> match header append "X-Forwarded-For" \e
> value "$REMOTE_ADDR"
> match header append "X-Forwarded-By" \e
> - value "$REMOTE_ADDR:$SERVER_PORT"
> + value "$SERVER_ADDR:$SERVER_PORT"
> match header set "Keep-Alive" value "$TIMEOUT"
>
> match query hash "sessid"
>
I agree. OK claudio@
--
:wq Claudio