maskit commented on issue #12489:
URL:
https://github.com/apache/trafficserver/issues/12489#issuecomment-3271553695
> 1. Connections with both a PROXY header and without were accepted. In most
applications Proxy Protocol listeners require the PROXY header (or v2
equivalent), and documentation states that this should be the case for ATS. Is
this expected?
Yes. ATS supports both v1 and v2, and it works on Unix Domain Socket as well.
> 2. Client IP passed via proxy protocol was not logged with the %<chi>
selector: the log format string client_ip=%<chi> resulted in the output
client_ip= (i.e. empty string).
The documentation is unclear but the `%<chi>` does not log the IP address
from PROXY protocol. You can use `%<pps>` for the address instead. The thing is
that you cannot switch ATS log fields to use by whether PROXY protocol is used.
So if you want to have the real client IP address in `client_ip` regardless of
whether PROXY protocol is used, you need to use header_rewrite plugin and set
an @ prefixed header so that you can access it from your logging format like
`%<{@Real-Client-IP-Address}cqh>`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@trafficserver.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
