On Fri, Jan 12, 2018 at 12:31:39PM +0100, Harrie Robins wrote: > Wow, that will be great. And I think that many people would like this to be > implemented! > I volunteer to test this! > > Also, with many people fronting that machines with cloudflare / load > balancers, I think demand will increase for this. > I could just write a valve to replace the mod_cloudflare module that I used > in apache (mod cloudflare is mod_remoteip with settings predefined). > > Regards, > > Harrie > > -----Oorspronkelijk bericht----- > Van: Christopher Schultz [mailto:ch...@christopherschultz.net] > Verzonden: 09 January 2018 00:25 > Aan: users@tomcat.apache.org > Onderwerp: Re: internalProxies regex > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Harrie, > > On 1/5/18 3:47 AM, Harrie Robins wrote: > > our tomcat application server are fronted by 1. cloudflare, and 2. > > amazon load balancer. In apache there is mod_remote IP and I can > > simply put in CIDR range: https://www.cloudflare.com/ips/ that will > > swallow all those IP and will get the correct IP to tomcat. > > > > In Tomcat I need > > https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/catalina/valve > s/RemoteIpValve.html > > > > > which does not accept CIDR range however. > > Have a look at this: > > https://bz.apache.org/bugzilla/show_bug.cgi?id=51953 > > It was never merged into Tomcat, but if it got some additional interest and > testing, perhaps it could be added. > > - -chris
There's also this: https://github.com/mwoodiupui/tomcat-extras -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu
signature.asc
Description: PGP signature