The default.vcl included with varnish sets the X-Forwarded-For header or even appends to it if it exists. I'm assuming your vcl_recv has a return statement that is preventing the default from running.
Raul -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Andreas Götzfried Sent: Wednesday, February 06, 2013 5:20 AM To: [email protected] Subject: add req.http.x-forwarded-for header Hello, i use varnish (3.0.2) and nginx (1.2.1), and i have a special setup: http: varnish (listens on *.80) -> nginx-backend (127.0.0.1:81) https: nginx (public ip:443) -> proxy_pass to same varnish instance -> nginx-backend (127.0.0.1:81) When varnish receives the requests proxied by nginx (https), varnish sees 127.0.0.1 as source, and there seems to be no solution getting varnish see the real ip. But, as you might guess, i want the public ip (need it for performance reasons) of the user. But i found a solution - nginx is able to pass the real ip in a header: proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; By customizing the varnishncsa log format i'm able to see the users' ip address passed by nginx. So far, so good. But for http (managed by varnish) i'm not able to set this header when nginx isn't involved. I tried this: At the beginning of 'sub vcl_recv': if (!req.http.X-Forwarded-For) { set req.http.X-Forwarded-For = client.ip; } My intention was: if this header isn't set (and it shouldn't when varnish directly receives requests via http), set it with the value of the client ip. I've tried a couple of variations, but in the end the value in the varnishncsa log is always empty. Well... what am i doing wrong? Where's the error? thx Andreas _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
