The default vcl_recv will handle setting the X-Forwarded-For header. You can see the default here: https://www.varnish-cache.org/trac/browser/bin/varnishd/default.vcl?rev=3.0
Do you have a return(XXX); in your vcl_recv? If you do then it will never execute the default vcl_recv which sets the X-Forwarded-For. Your other option is to just copy/paste the X-Forwarded-For code from the default.vcl into your vcl_recv. Raul -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Andreas Götzfried Sent: Thursday, January 31, 2013 7:02 AM To: [email protected] Subject: add req.http.x-forwarded-for header Hello, i use varnish (3.0.2) and nginx (1.2.1), and i have a special setup: http: varnish (listens on *.80) -> nginx-backend (127.0.0.1:81) https: nginx (public ip:443) -> proxy_pass to same varnish instance -> nginx-backend (127.0.0.1:81) When varnish receives the requests proxied by nginx (https), varnish sees 127.0.0.1 as source, and there seems to be no solution getting varnish see the real ip. But, as you might guess, i want the public ip (need it for performance reasons) of the user. For https i found a solution. nginx is able to pass the real ip in a header: proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; By customizing the varnishncsa log format i'm able to see the users' ip address passed by nginx. So far, so good. But i'm not able to set this header when nginx isn't involved. I tried this: At the beginning of 'sub vcl_recv': if (!req.http.X-Forwarded-For) { set req.http.X-Forwarded-For = client.ip; } My intention was: if this header isn't set (and it shouldn't when varnish is accessed directly via https), set it with the value of the client ip. I've tried a couple of variations, but in the end the value in the varnishncsa log is always empty. Well... what am i doing wrong? Where's the error? thx Andreas _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
