Hi,

> >>>I'm trying to figure out how to properly log clients' ip addresses in
> >>>apache's access log.
----------------------------------------------
---------------------------------------------
> >>This should not happen since you are changing the destination IP of the
> >>incoming requests and not the source IP. The only situation in which
> >>this can happen is when you have some SNAT rule which is changing the
> >>source IP of the requests to that of the firewall box. And most likely,
> >>you must be doing SNAT for the requests coming from your own LAN and
> >>changing their IP to the IP of the firewall box. So when the hosts in
> >>your LAN access the webserver through its public IP, all the requests
> >>get logged as coming from the firewall box. Just check your SNAT rules.

> > I'm not using any SNAT rules at my firewall.

> Do you have a proxy server running on the firewall box ?

See my network architecture as 

INTERNET
        |
Firewall Box ( This box have 4 externel ips on one NIC and 1 private ip 
192.168.1.x on other NIC. I'm using iptables with DNAT here )
        |
        |
        |(IP 192.168.1.y)
Gateway/ProxyServer ( This box also have firewall iptables rules to 
controlling LAN and DNAT for webserver) 
(IP 192.168.2.X)
        |
        |
   Switch-----------------LAN(192.168.2.0/24)
        |
WebServer ( Problem is here, i'm getting firewall's ip 192.168.1.x in apache's 
access log entry for all incoming requests to webserver whereas i wanted 
visitors' real ip)    (IP 192.168.2.X)


Thanks and Regards,
Abhiram


_______________________________________________
ilugd mailinglist -- [email protected]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[email protected]/

Reply via email to