Hey,
I think there is a typo in relayd.conf(5).
X-Forwarded-By should be the server $SERVER_ADDR instead of the client
$REMOTE_ADDR.
X-Forwarded-For is the client (correct).
diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5
index 8bed93efa1f..5f3eb0b2f9a 100644
--- a/usr.sbin/relayd/relayd.conf.5
+++ b/usr.sbin/relayd/relayd.conf.5
@@ -1470,7 +1470,7 @@ http protocol "https" {
match header append "X-Forwarded-For" \e
value "$REMOTE_ADDR"
match header append "X-Forwarded-By" \e
- value "$REMOTE_ADDR:$SERVER_PORT"
+ value "$SERVER_ADDR:$SERVER_PORT"
match header set "Keep-Alive" value "$TIMEOUT"
match query hash "sessid"
--
Kind regards,
Hiltjo
