Hello! On Wed, Dec 16, 2015 at 06:56:02PM +0300, Vsevolod Petrov wrote:
> Hello, > > proxy_bind directive allows to specify source IP address for proxied > connections. > This directive can be set to local IP address. > > I'm wondering if there's a way to set $remote_addr as proxy_bind address? > Or any other non-local IP address? > > The idea is to see original client source IP address at the server site. > While it's not http traffic I cannot use XFF header. > > Destination MAC address in the response packet from the server is set to > nginx server interface address. So, there's no problem at layer 2 > communication. > > Can nginx listen for responses coming to non-local destination address? In theory this is possible with appropriate OS-level support, and as long as you are able to route packets properly. In particular, this should be possible on OpenBSD using SO_BINDANY, on FreeBSD using IP_BINDANY, and on Linux using IP_TRANSPARENT/IP_FREEBIND. An erlier attempt to make it work on nginx can be found here (OpenBSD-specific patch): http://mailman.nginx.org/pipermail/nginx-devel/2010-October/000533.html As far as I understand, doing proper support should be mostly trivial now with variables support in proxy_bind. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
