标签:
环境:
user:192.168.100.169
nginx代理:192.168.100.175
tomcat:192.168.100.175
域名:www.vijay.com --->192.168.100.175
1.nginx配置
server { listen 80; server_name www.vijay.com; location / { proxy_pass http://192.168.100.175:8080/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /status { stub_status on; access_log on; } }
2.web服务器端日志配置(如tomcat)
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %{X-Forwarded-For}i %{X-Real-IP}i %{Host}i %l %u %t "%r" %s %b" />
3.log日志:
192.168.100.175 192.168.100.169 192.168.100.169 www.vijay.com - - [11/May/2016:17:21:27 +0800] "GET /bg-upper.png HTTP/1.0" 304 - 192.168.100.175 192.168.100.169 192.168.100.169 www.vijay.com - - [11/May/2016:17:21:27 +0800] "GET /bg-nav.png HTTP/1.0" 304 - 192.168.100.175 192.168.100.169 192.168.100.169 www.vijay.com - - [11/May/2016:17:21:27 +0800] "GET /asf-logo.png HTTP/1.0" 304 - 192.168.100.175 192.168.100.169 192.168.100.169 www.vijay.com - - [11/May/2016:17:21:27 +0800] "GET /bg-button.png HTTP/1.0" 304 - 192.168.100.175 192.168.100.169 192.168.100.169 www.vijay.com - - [11/May/2016:17:21:27 +0800] "GET /tomcat.png HTTP/1.0" 304 - 192.168.100.175 192.168.100.169 192.168.100.169 www.vijay.com - - [11/May/2016:17:21:27 +0800] "GET /bg-middle.png HTTP/1.0" 304 -
%h :192.168.100.175
%{X-Forwarded-For}i:192.168.100.169
%{X-Real-IP}i:192.168.100.169
%{Host}i:www.vijay.com
备注:
X-Forwarded-For 和 X-Real-IP 的区及获取客户端的ip?
一般来说,X-Forwarded-For是用于记录代理信息的,每经过一级代理(匿名代理除外),代理服务器都会把这次请求的来源IP追加在X-Forwarded-For中 来自4.4.4.4的一个请求,header包含这样一行 X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3 代表 请求由1.1.1.1发出,经过三层代理,第一层是2.2.2.2,第二层是3.3.3.3,而本次请求的来源IP4.4.4.4是第三层代理。
而X-Real-IP,一般只记录真实发出请求的客户端IP,上面的例子,如果配置了X-Read-IP,将会是 X-Real-IP: 1.1.1.1 所以 ,如果只有一层代理,这两个头的值就是一样的。
标签:
原文地址:http://www.cnblogs.com/vijayfly/p/5482730.html