On 02/15/2017 12:19 PM, Jordan Gigov wrote: > On 15 February 2017 at 12:50, Sander Hoentjen <san...@hoentjen.eu> wrote: >> Hey guys, >> >> I am trying to use both mod_remoteip with ProxyProtocol and mod_http2. >> It looks like mod_http2 gets handed the connection before mod_remoteip, >> so things don't work as they should. ProxyProtocol should always be >> handled first, since it is prepended to the stream. Any pointers to >> where in the code I can look to change things around? >> >> -- >> Sander > Try modules/http2/h2_h2.c line 550 add "mod_remoteip.c" after "mod_ssl.c". > > This reminds me since remoteip is being updated, maybe it should also > specify some before and after mods to avoid. It seems I was wrong, the issue is that for some reason remoteip_hook_pre_connection is called twice for a h2 connection:
[Wed Feb 15 14:32:08.048968 2017] [remoteip:debug] [pid 8521] mod_remoteip.c(1015): [client 192.168.122.1:35136] AH03503: RemoteIPProxyProtocol: enabled on connection to 192.168.122.249:84 [Wed Feb 15 14:32:08.049082 2017] [remoteip:debug] [pid 8521] mod_remoteip.c(1406): [client 192.168.122.1:35136] AH03511: RemoteIPProxyProtocol: received valid PROXY header: 192.168.122.1:35136 [Wed Feb 15 14:32:08.049554 2017] [http2:debug] [pid 8521] h2_session.c(994): [client 192.168.122.1:35136] AH03200: h2_session(4) created, max_streams=100, stream_mem=32768, workers_limit=6, workers_max=1, push_diary(type=1,N=256) [Wed Feb 15 14:32:08.049579 2017] [http2:debug] [pid 8521] h2_session.c(1088): [client 192.168.122.1:35136] AH03201: h2_session(4): start, INITIAL_WINDOW_SIZE=65535, MAX_CONCURRENT_STREAMS=100 [Wed Feb 15 14:32:08.049589 2017] [http2:debug] [pid 8521] h2_session.c(2067): [client 192.168.122.1:35136] AH03079: h2_session(4): started on localhost.localdomain:84 [Wed Feb 15 14:32:08.049596 2017] [http2:debug] [pid 8521] h2_session.c(1721): [client 192.168.122.1:35136] AH03078: h2_session(4): transit [INIT] -- init --> [BUSY] [Wed Feb 15 14:32:08.049616 2017] [http2:debug] [pid 8521] h2_session.c(441): [client 192.168.122.1:35136] AH03066: h2_session(4): recv FRAME[SETTINGS[length=0, stream=0]], frames=0/0 (r/s) [Wed Feb 15 14:32:08.049628 2017] [http2:debug] [pid 8521] h2_stream.c(189): [client 192.168.122.1:35136] AH03082: h2_stream(4-1): opened [Wed Feb 15 14:32:08.049655 2017] [http2:debug] [pid 8521] h2_session.c(441): [client 192.168.122.1:35136] AH03066: h2_session(4): recv FRAME[HEADERS[length=31, hend=1, stream=1, eos=1]], frames=1/0 (r/s) [Wed Feb 15 14:32:08.049706 2017] [http2:debug] [pid 8521] h2_session.c(677): [client 192.168.122.1:35136] AH03068: h2_session(4): sent FRAME[SETTINGS[length=6, stream=0]], frames=2/0 (r/s) [Wed Feb 15 14:32:08.049768 2017] [remoteip:debug] [pid 8521] mod_remoteip.c(1015): [client 192.168.122.1:35136] AH03503: RemoteIPProxyProtocol: enabled on connection to 192.168.122.249:84 [Wed Feb 15 14:32:08.049810 2017] [remoteip:warn] [pid 8521] [client 192.168.122.1:35136] AH03496: RemoteIPProxyProtocol data is missing, but required! Aborting request. [Wed Feb 15 14:32:08.049840 2017] [http2:debug] [pid 8521] h2_request.c(271): [client 192.168.122.1:35136] AH03367: h2_request: access_status=400, request_create failed mod_remote ip has: /* mod_proxy creates outgoing connections - we don't want those */ if (!remoteip_is_server_port(c->local_addr->port)) { return DECLINED; } I am guessing something similar is needed for h2 connections? -- Sander