I have guacamole setup behind an nginx reverse proxy. I'm using the following options on the proxy to forward the remote IP to guacamole: proxy_set_header X-Real-IP $remote_addr; and proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
When these option are added the catalina.out log looks like this for a failed login attempt: 21:00:48.167 [http-nio-8080-exec-5] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [72.143.194.175, 192.168.10.68] for user "" failed. the 72.143.194.175 is the remote IP I'm testing from and 192.168.10.68 is the nginx proxy IP. I have have edited the regex on fail2ban to match the remote IP and it is being blocked successfully according to fail2ban but the connection can still get through, because fail2ban is still allowing the 192.168.10.68 IP address as well. so my question is is there anything I can edit with tomcat so it will only connect to the remote IP address and only list the remote IP in the logs instead of both the remote and proxy IP like I'm seeing now - [72.143.194.175, 192.168.10.68] -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
