Hi Pedro, You can use the log-format statement available in HAProxy 1.5. Everything is explained in the doc. If you need more help, please let us know.
Baptiste On Thu, May 9, 2013 at 3:21 PM, Pedro Mata-Mouros <[email protected]> wrote: > Hi, > > Picking up this old thread, is there a way of actually replacing the > client_ip in the logs with this captured header X-Forwarded-For? I'm using > AWS and the current setup uses AWS LBs to deliver traffic to my HAProxy box, > and this way every single client_ip I'm seeing in the logs is from the LB > internal IP address - which is kind of wasted space... > > Thanks, > > Pedro. > > On 5 Jul 2011, at 21:25, Julien Vehent <[email protected]> wrote: > > On Tue, 05 Jul 2011 16:17:24 +0100, Hugo Silva wrote: > > I just finished setting up apache+mod_security in front of haproxy: > > user--> apache+modsec --> haproxy --> webservers --> fastcgi > > The reasoning being that if apache was behind haproxy, then the backend > (nginx+php) servers wouldn't show on the haproxy admin interface (the > apaches would). > > I'm not 100% sure if this is the best way to go about it, but for the > time being that's the approach. Feel free to suggest/discuss alternatives. > > > Because the site is live, I'm doing this in phases. For now the firewall > on the load balancers redirects incoming connections from certain IPs to > the new apache+modsec setup, while everything else is business as usual. > > The few connections that go through the test setup get logged by haproxy > as coming from 127.0.0.1. This is because the firewall redirects to > 127.0.0.1:aaaa (apache) which then ProxyPass'es to haproxy > (127.0.0.1:bbbb); therefore haproxy sees an incoming connection from > 127.0.0.1. > > Apache properly sets the X-Forwarded-For header. > > Question: Can I somehow tell haproxy to log that instead? > If it is possible, are there security implications ? > > > > x-forwarded-for is a http header. like any other http header, you can ask > haproxy to log it by using > > frontend XYZ > [...] > option httplog > capture request header X-Forwarded-For len 50 > > > it will appear in the logs in field #14, enclosed between "{}" characters. > http://code.google.com/p/haproxy-docs/wiki/HTTPLogFormat > > > > Julien > > >
