#1588 closed defect (worksforme)
about realip module
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | other | Version: | 1.13.x |
| Keywords: | Cc: | ||
| uname -a: | 3.10.0 | ||
| nginx -V: | 1.13.6 | ||
Description
http {
real_ip_header X-Real-IP;
set_real_ip_from 127.0.0.1;
server {
listen 8000;
real_ip_header X-Forwarded-For;
location / {
....
}
}
}
local test:
#curl http://127.0.0.1:8000/
$remote_addr = "127.0.0.1"
#curl http://127.0.0.1:8000/ -H "X-Real-IP: 1.1.1.1"
$remote_addr = "1.1.1.1"
#curl http://127.0.0.1:8000/ -H "X-Forwarder-For: 2.2.2.2"
$remote_addr = "2.2.2.2"
#curl http://127.0.0.1:8000/ -H "X-Forwarder-For: 2.2.2.2" -H "X-Real-IP: 1.1.1.1"
$remote_addr = "2.2.2.2"
why not location level tack effect?
why X-real-IP tack effect?
Change History (8)
comment:1 by , 6 years ago
comment:2 by , 6 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Because you made a typo in header name (X-Forwarder-For instead of X-Forwarded-For).
comment:3 by , 6 years ago
| Resolution: | invalid |
|---|---|
| Status: | closed → reopened |
#curl http://127.0.0.1:8000/ -H "X-Forwarded-For: 2.2.2.2" -H "X-Real-IP: 1.1.1.1"
$remote_addr = "1.1.1.1"
also 1.1.1.1
comment:4 by , 6 years ago
ngx_http_realip_handler is setted in POST_READ and PREACCESS phase.
if POST_READ phase meeting the conditions takes effect, it will call ngx_http_set_ctx(r, ctx, ngx_http_realip_module).
so that PREACCESS phase will skip.
comment:5 by , 6 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | reopened → closed |
Using the following config:
http {
real_ip_header X-Real-IP;
set_real_ip_from 127.0.0.1;
server {
listen 8000;
real_ip_header X-Forwarded-For;
location / {
return 200 remote_addr=$remote_addr;
}
}
}
I get:
$ curl http://127.0.0.1:8000/ -H "X-Forwarded-For: 2.2.2.2" -H "X-Real-IP: 1.1.1.1" remote_addr=2.2.2.2 $ curl http://127.0.0.1:8000/ -H "X-Real-IP: 1.1.1.1" remote_addr=127.0.0.1
Only if I add another (default) server listening on port 8000, I get the behavior you observe:
server {
listen 8000 default_server;
server_name example.com;
return 200 remote_addr=$remote_addr;
}
$ curl http://127.0.0.1:8000/ -H "X-Forwarded-For: 2.2.2.2" -H "X-Real-IP: 1.1.1.1" ; echo
remote_addr=1.1.1.1
$ curl http://127.0.0.1:8000/ -H "X-Real-IP: 1.1.1.1" ; echo
remote_addr=1.1.1.1
If you need further assistance, please provide full config to reproduce the problem.
comment:6 by , 6 years ago
$ curl http://127.0.0.1:8000/ -H "X-Forwarded-For: 2.2.2.2" -H "X-Real-IP: 1.1.1.1" ; echo
remote_addr=1.1.1.1
this is the test result.
up above is typo error, sorry
#curl http://127.0.0.1:8000/ -H "X-Forwarder-For: 2.2.2.2" -H "X-Real-IP: 1.1.1.1"
$remote_addr = "1.1.1.1"