On 2025-09-10, Lars Bonnesen <lars.bonne...@gmail.com> wrote: > Been running apache where this seems to work correctly, but on a new > openbsd install, I am evaluating a shift to httpd - but I am hitting a > lot of challenges. > > Currently I am trying to get some decent logging. That is log clients > original IP, not the HAproxy IP. > > I have been reading the man pages especially: > > [no] log [option] > > part, but log style forwarded seems not to do the trick. And openbsd > httpd apparently does not understand the send-proxy from HAproxy. > > Any ideas?
httpd doesn't accept haproxy's "PROXY protocol" (https://www.haproxy.org/download/3.1/doc/proxy-protocol.txt) so you'll need to pass the src addr via another method. do you have 'option forwardfor' in your haproxy config? https://www.haproxy.com/documentation/haproxy-configuration-tutorials/proxying-essentials/client-ip-preservation/add-x-forward-for-header/ https://www.haproxy.com/documentation/haproxy-configuration-manual/latest/#option%20forwardfor from my reading, that should work with "style forwarded" from openbsd base's httpd (though note that with that, the src addr is in an appended field, it does not replace the proxy's address that will still be used for writing the usual second column of the combined-with-vhost log format - there's nothing like nginx's http_realip_module). -- Please keep replies on the mailing list.
