[users@httpd] IP based redirect with mod_rewrite

["Priya Vadlakonda (Contractor)" <Pr...@ucop.edu>]

Hi

 

How do I set up a rule in Apache( If at all that is possible) to
redirect traffic based on the IP address of the client.

 

Here is the set up of the env

 

There is a reverse proxy (F5 LTM) that does SSL offloading and this is
the first point the user hits and this does load balancing across our
Apache Web Servers.

 

So, we have Apache as a proxy server that sits behind the firewall and
this is the second entry point.

 

The problem is I would need to set up a rewrite rule in Apache that
diverts user to a web page depending on the original IP address of the
client.

 

We run Apache v2 and use {X-Forwarded-For}i feature that enables us to
record the IP address of the client in the access log.

 

In the access log I get both  the F5 proxy IP and also the original
client IP.

 

wsadmin@dolores:/etc/apache2> rpm -qa | grep apache2

apache2-2.0.49-27.38

apache2-worker-2.0.49-27.38

 

Now the condition and rule

 

As soon as the client hits the F5 and the request is sent to Apache, I
need Apache to make a decision by getting the actual client IP and
routing to the appropriate web page.

 

Say if the user is accessing a URI /* and the request is coming from
within 128.48.0.0/16 or ucop.edu domain

 

I need users to get to https://sseqa.ucop.edu/* 

 

For any other client IP requesting the same URI, Apache should make a
decision to re route the request to a different site https://--------

 

How do I do that?

 

Any support is appreciated.

 

I tried several ways to establish this but each time it fails. I don't
have the failure logs for one particular attempt.

 

%{REMOTE_ADDR}  

%{HTTP:X-FORWARDED-FOR}

%{REMOTE_HOST}  - When trying for a domain based redirect

 

Thanks

Priya

 

 

Re: [users@httpd] IP based redirect with mod_rewrite

[Igor Cicimov <ic...@gmail.com>]

I wonder why the %{REMOTE_ADDR} approach is failing? Are you getting a wrong
REMOTE_ADDR or your rule is not working? Can you please post your rewrite
rule for that case and appropriate rewrite logs with RewriteLogLevel set as
high as possible for debugging?

You can also try to combine SetEnvIf and mod_rewrite for Remote_Addr
parameter but if the above try is failing this one should be failing too
since practically both are checking the same variable.

Igor

On Thu, May 6, 2010 at 6:09 AM, Priya Vadlakonda (Contractor) <
Priya.Vadlakonda@ucop.edu> wrote:

>  Hi
>
>
>
> How do I set up a rule in Apache( If at all that is possible) to redirect
> traffic based on the IP address of the client.
>
>
>
> Here is the set up of the env
>
>
>
> There is a reverse proxy (F5 LTM) that does SSL offloading and this is the
> first point the user hits and this does load balancing across our Apache Web
> Servers.
>
>
>
> So, we have Apache as a proxy server that sits behind the firewall and this
> is the second entry point.
>
>
>
> The problem is I would need to set up a rewrite rule in Apache that diverts
> user to a web page depending on the original IP address of the client.
>
>
>
> We run Apache v2 and use {X-Forwarded-For}i feature that enables us to
> record the IP address of the client in the access log.
>
>
>
> In the access log I get both  the F5 proxy IP and also the original client
> IP.
>
>
>
> wsadmin@dolores:/etc/apache2> rpm -qa | grep apache2
>
> apache2-2.0.49-27.38
>
> apache2-worker-2.0.49-27.38
>
>
>
> Now the condition and rule
>
>
>
> As soon as the client hits the F5 and the request is sent to Apache, I need
> Apache to make a decision by getting the actual client IP and routing to the
> appropriate web page.
>
>
>
> Say if the user is accessing a URI /* and the request is coming from within
> 128.48.0.0/16 or ucop.edu domain
>
>
>
> I need users to get to https://sseqa.ucop.edu/*
>
>
>
> For any other client IP requesting the same URI, Apache should make a
> decision to re route the request to a different site https://--------
>
>
>
> How do I do that?
>
>
>
> Any support is appreciated.
>
>
>
> I tried several ways to establish this but each time it fails. I don’t have
> the failure logs for one particular attempt.
>
>
>
> %{REMOTE_ADDR}
>
> %{HTTP:X-FORWARDED-FOR}
>
> %{REMOTE_HOST}  - When trying for a domain based redirect
>
>
>
> Thanks
>
> Priya
>
>
>
>
>