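nginx reverse proxy: making the backend nodes log the client's real IP
Environment: configured as described at http://www.cnblogs.com/zzzhfo/p/6032095.html
- View the user access log on web01 or web02
First, send some requests from the client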
[root@web_backup /]# for n in {1..20} ;do curl www.test.com;sleep 1 ;done
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
Check the log
[root@web01 /]# tail -f /etc/httpd/logs/www.test.com.access_log
192.168.119.128 - - [29/Sep/2016:22:14:33 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:35 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:37 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:39 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:41 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:51 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:53 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:55 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:57 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:00 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:02 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:04 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:06 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:08 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:10 +0800] "GET / HTTP/1.0" 200 22
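Every entry recorded on the web node carries the IP of the nginx proxy, not of the client.
Edit /usr/local/nginx/conf/nginx.conf on the nginx load balancer; inside location / add proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;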
worker_processes 1;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;
    upstream web_pools {
        server 192.168.119.130:80 weight=5;
        server 192.168.119.133:80 weight=5;
        server 192.168.119.131:80 weight=5 backup;
    }
    server {
        listen 80;
        server_name www.test.com;
        location / {
            root html;
            index index.html index.htm;
            proxy_pass http://web_pools;
            proxy_set_header Host $host;
            # append the connecting client's address to the X-Forwarded-For header sent upstream
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
}
Restart the nginx service
[root@lb01 /]# nginx -s stop
[root@lb01 /]# nginx
[root@lb01 /]# netstat -anpt | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2113/nginx
On web01 and web02, edit /etc/httpd/conf/httpd.conf
[root@web01 /]# vim /etc/httpd/conf/httpd.conf
LogFormat "\"%{x-forwarded-for}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
<VirtualHost *:80>
    DocumentRoot "/var/www/www"
    ServerName www.test.com
    ErrorLog "logs/www.test.com.error_log"
    CustomLog "logs/www.test.com.access_log" combined
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/var/www/bbs"
    ServerName bbs.test.com
    ErrorLog "logs/bbs.test.com.error_log"
    CustomLog "logs/bbs.test.com.access_log" combined
</VirtualHost>
[root@web01 /]# /etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]

[root@web02 /]# vim /etc/httpd/conf/httpd.conf
LogFormat "\"%{x-forwarded-for}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
<VirtualHost *:80>
    DocumentRoot "/var/www/www"
    ServerName www.test.com
    ErrorLog "logs/www.test.com.error_log"
    CustomLog "logs/www.test.com.access_log" combined
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/var/www/bbs"
    ServerName bbs.test.com
    ErrorLog "logs/bbs.test.com.error_log"
    CustomLog "logs/bbs.test.com.access_log" combined
</VirtualHost>
Test: send requests from the client
[root@web_backup /]# for n in {1..10} ;do curl www.test.com;sleep 1 ;done
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
Check the logs on the web nodes
[root@web02 /]# tail -f /etc/httpd/logs/www.test.com.access_log
192.168.119.128 - - [29/Sep/2016:22:36:56 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:36:58 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:01 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:03 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:05 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:41 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:43 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:45 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:47 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:49 +0800] "GET / HTTP/1.0" 200 22
"192.168.119.131" - - [29/Sep/2016:22:41:23 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:25 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:27 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:29 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:31 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.b/1.2.3 libidn/1.18 libssh2/1.4.2"

[root@web01 /]# tail -f /etc/httpd/logs/www.test.com.access_log
"192.168.119.131" - - [29/Sep/2016:22:33:16 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:18 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:20 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:22 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:24 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:26 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:28 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:30 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:32 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:34 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
This is the Apache log output.
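The value Apache now logs comes from nginx's $proxy_add_x_forwarded_for, which appends the connecting address to any X-Forwarded-For header the request already carried, so with the single proxy used here only the last entry in the field was written by lb01. The following Python is an added example, not part of the original post: it parses lines in the LogFormat above and separates that last entry from anything that arrived with the request. The function names and the sample lines (including the address 203.0.113.7) are constructed for illustration.

```python
import ipaddress
import re

# One quoted field as Apache writes it (embedded quotes are backslash-escaped).
Q = r'"((?:[^"\\]|\\.)*)"'
# Mirrors the LogFormat above: "XFF" %l %u %t "%r" %>s %b "Referer" "User-Agent"
LINE_RE = re.compile(rf'^{Q} \S+ \S+ \[([^\]]+)\] {Q} (\d{{3}}) (\S+) {Q} {Q}$')


def resolve_client(xff):
    """Split one logged X-Forwarded-For value into (client_ip, claimed_prefix).

    client_ip is the last entry, i.e. the $remote_addr the proxy appended.
    claimed_prefix is everything before it, which came in with the request
    and is therefore not verified by the proxy.
    """
    if xff == "-":                      # Apache logs "-" when the header is absent
        return None, []
    parts = [p.strip() for p in xff.split(",") if p.strip()]
    if not parts:
        return None, []
    try:
        client = str(ipaddress.ip_address(parts[-1]))
    except ValueError:                  # last entry is not an IP: trust nothing
        return None, parts
    return client, parts[:-1]


def parse_line(line):
    """Return a dict for a line in the new format, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:                       # e.g. lines written before the LogFormat change
        return None
    client, claimed = resolve_client(m.group(1))
    return {"client": client, "claimed": claimed,
            "request": m.group(3), "status": int(m.group(4))}


# Constructed sample lines: new format, new format with a header that was
# already present in the request, and the old format from before the change.
SAMPLE = [
    '"192.168.119.131" - - [29/Sep/2016:22:33:16 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7"',
    '"203.0.113.7, 192.168.119.131" - - [29/Sep/2016:22:33:18 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7"',
    '192.168.119.128 - - [29/Sep/2016:22:14:33 +0800] "GET / HTTP/1.0" 200 22',
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(parse_line(line))
```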
If the web nodes run nginx, nothing needs to be changed on them; this is already supported by default. It is enough to add proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; on the proxy.
[root@lb02 /]# vim /usr/local/nginx/conf/nginx.conf
http {
    include mime.types;
    default_type application/octet-stream;
    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    #                '$status $body_bytes_sent "$http_referer" '
    #                '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log logs/access.log main;