Re: HTTP::Proxy and X-Forwarded-For headers

That header:

X-Forwarded-For: client, proxy1, proxy2,.....
[download]

is the correct order as each proxy effectively appends to this string. See mod_extract_forwarded for background....

What appears to have happened is that you have successfully removed the XFF header and added in your supplied IP as the client. I expect that the two instances of 10.0.0.50 are succesively added by HTTP::Proxy and then Apache2 *after* this point. This is expected, as is the order. But this should not matter per se as the client is the leftmost IP (you may choose to ignore anything to the left of a trusted proxy as they could just be spoofing). You could fix the problem simply by adding a mod_extract_forwarded handler and making 10.0.0.50 'trusted', but......

It *seems* your expectation is that the originating client (for geotargetting) is the right most entity. This is wrong. It is the left most IP in the list. FWIW this snippet comes from some of our code:

    my $ip = $ENV{'HTTP_X_FORWARDED_FOR'} || $ENV{'REMOTE_HOST'} || $E
+NV{'REMOTE_ADDR'};
    # HTTP_X_FORWARDED_FOR may be 'xxx.xxx.xxx.xxx, xxx.xxx.xxx.xxx'
    # originating client is left most IP. this split patches issues as
+ some proxies
    # add space after IP and before ,
    ($ip) = split /\s*,/, $ip;
[download]

cheers

tachyon

Comment on Re: HTTP::Proxy and X-Forwarded-For headers Select or Download Code

Replies are listed 'Best First'.
Re^2: HTTP::Proxy and X-Forwarded-For headers by cleverett (Friar) on Sep 13, 2004 at 22:30 UTC
Hmmm, Then what I can't understand is why `Apache->requeqest->connection->remote_ip() returns 10.0.0.50` I'd better look at how I set up mod_rpaf in my apache+mod_perl. If I didn't have it set up, I would expect remote_ip() to return 127.0.0.1	[reply] [d/l]
Re^3: HTTP::Proxy and X-Forwarded-For headers by tachyon (Chancellor) on Sep 13, 2004 at 22:37 UTC
Don't you have this: `Client->HTTP::Proxy 10.0.0.50->Apache 10.0.0.50->Application` [download] The connection is from 10.0.0.50. mod_extract_forwarded fixes that problem. cheers tachyon	[reply] [d/l]
Re^4: HTTP::Proxy and X-Forwarded-For headers by cleverett (Friar) on Sep 13, 2004 at 22:43 UTC
I have the proxy at localhost:1081, using the proxy setting in the browser. I should post the code to my proxy: #!/usr/bin/perl ## ## live-test-proxy.pl ## use strict; use warnings; my $port = 1081; my $file = './http-proxy-recording.pl'; use HTTP::Proxy; use HTTP::Recorder; # create a new HTTP::Recorder object my $agent = HTTP::Recorder->new(file => $file); # create proxy and configure my $proxy = HTTP::Proxy->new(); $proxy->port($port); $proxy->agent( $agent ); # set HTTP::Recorder as the a +gent for the proxy $proxy->x_forwarded_for(0); $proxy->push_filter( host => 'ceverett.medbanner.com', path => '/cgi-bin/', request => EngineTestFilter->new(), ); # start the proxy $proxy->start(); package EngineTestFilter; use base qw/HTTP::Proxy::HeaderFilter/; use strict; use warnings; use Data::Dumper; sub filter { my ($self, $headers, $request) = @_; my $uri = $request->uri(); my ($location, $query) = split(/\?/, $uri); my %params = map { split /=/ } map { split /&/ } $query; $request->uri($location .'?'.join('&', map { "$_=$params{$_}" } qw/ +a s/)); $headers->header(Referer => $params{referer}); $headers->remove_header('X-Forwarded-For'); $headers->header('X-Forwarded-For' => $params{remote_ip}); } 1; [download]	[reply] [d/l]
Re^5: HTTP::Proxy and X-Forwarded-For headers by tachyon (Chancellor) on Sep 13, 2004 at 22:49 UTC
Re^6: HTTP::Proxy and X-Forwarded-For headers by cleverett (Friar) on Sep 14, 2004 at 05:15 UTC
Some notes below your chosen depth have not been shown here