Hi.
I'm running Roxen 4.5.146 servers behind reverse proxy(squid).
Normally, remote ip address of requests are always RP's
IP(192.168.10.1, on my site). So I wrote FIRST TRY module which
rewrite id->remoteaddr with address supplied by "x-forwarded-for"
header, attatched below.
My module works correct most times, but sometimes conversion never
occur. When it happens, it seems my first try module just skipped. I
find it by no "rp_trans" DWERR message found in server log. I guess
it has something to do with keep-alive connection, but I can't see how
to solve this problem.
Could you tell me how to fix this? Where in request path to put this
kind of module?
--
Eiichiro ITANI
----x8--------x8--------x8--------x8--------x8--------x8----
// reverse proxy transparentize FIRST TRY module.
inherit "module";
constant cvs_version = "0.01 rp_trans.pike,v 0,1(Not cvs managed)";
constant thread_safe = 1;
constant module_type = MODULE_FIRST;
constant module_name = "rp_trans";
constant module_doc = "Using x-forwaded-for and remote_ip, transparentize
reverse proxy host.";
#define DWERR(X) werror("rp_trans: "+X+"\n")
//define DWERR(X)
void create() {
defvar("throughhosts",Variable.StringList((),0,"Concerned as Reverse Proxy
IP-Addr",
"Matching IP address will be
concerned as"
"Reverse Proxy host. If remote
address matches this,"
"x-forwaded-for Header will treated
as remote address."));
}
void first_try(RequestID id) {
array(string) through = query("throughhosts");
array(string) squid_format;
string remote = "";
// DWERR(id->method + " " + (string)id->raw_url + " " + (string)id->prot +
"\n");
foreach (through, string rip) {
if (id->remoteaddr == rip) {
if (id->request_headers["x-forwarded-for"]) {
if (arrayp(id->request_headers["x-forwarded-for"])) {
remote = id->request_headers["x-forwarded-for"][0];
} else {
squid_format = id->request_headers["x-forwarded-for"] / ", ";
remote = squid_format[-1];
}
// DWERR(sprintf("%s",rip+" "+remote));
}
}
}
id->client_var["rp_trans_conn_port"] = (string)id->port_obj->port;
if (remote != "") {
id->misc["rp_trans"] = id->remoteaddr;
id->client_var["rp_trans_converted"] = id->remoteaddr;
id->remoteaddr = remote;
id->client_var["ip"] = remote;
}
if (id->remoteaddr == "192.168.10.1") {
string full_header = id->method + " " + (string)id->raw_url + " " +
(string)id->prot + "\n";
foreach (indices(id->request_headers),string headers) {
full_header += "\t" + headers + ": " + id->request_headers[headers] + "\n";
}
DWERR(full_header);
}
return;
}
|