You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ruiyuan Jiang <Ru...@liz.com> on 2009/11/20 23:36:14 UTC
[users@httpd] Adding module to Apache-httpd
Hi,
I need the module "mod_remoteip" which is not included in the standard httpd-2.2.14 distribution. I downloaded the source code from people.apache.org/~wrowe/mod_remoteip.c. There is no instruction for the source code as how to compile the module. On the Apache's web site, the document shows that after httpd v1.3, to add additional module, simply add a line to the 'configure' file in the source directory and then compile:
AddModule modules/extra/mod_remoteip.c
and I copied the file to the location. The compilation went through no problem as I included some other modules such as ssl, proxy, etc. but I don't think Apache compiled the module for me. Does anyone know how to add module to Apache-httpd compilation or maybe simply compile the module and then load the module to the httpd? Thanks in advance.
Ryan Jiang
This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Adding module to Apache-httpd
Posted by Ruiyuan Jiang <Ru...@liz.com>.
Hi, William
Can you give me more details:
There is the %{Header-Name}i syntax of the custom log, so you could easily
verify which header is actually in use. X-Forwarded-For is the usual 'public' method,
I will use Apache as reverse proxy not forward proxy. So the IPs are from Internet user not internal private IP users. The remote internal IP is not suitable for me in my case. Thanks.
Ryan
-----Original Message-----
From: William A. Rowe Jr. [mailto:wrowe@rowe-clan.net]
Sent: Monday, November 30, 2009 8:39 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Adding module to Apache-httpd
Ruiyuan Jiang wrote:
> I compiled remoteip module and loaded it without problem.
> In one of my virtualhost of Apache reverse proxy, I added and tested:
>
> RemoteIPHeader X-Client-IP
> Or
> RemoteIPHeader X-Forwarded-For
>
> Or both
>
> I don't see the remote client IP is being forwarded to the backend server from Apache as it supposed to be. Does anyone know why or what I did wrong? Thanks.
There is the %{Header-Name}i syntax of the custom log, so you could easily
verify which header is actually in use. X-Forwarded-For is the usual 'public'
method, but nobody promises you'll have such information assigned. The other
example would entirely depend on your load balancer/router which picks up the
requests and has redispatched them. Usually such devices will *not* share any
info over the web, but replace that particular header unilaterally.
Also note the module will only set the IP address as 'authentic' when the remote
machine is trusted, see
http://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#remoteipinternalproxy
and the commentary at the top of that page.
[I'm thinking about a RemoteIPTrustedHeader directive that wouldn't deal with
that scrutiny, but I'm a bit hesitant. You know your own IP's of your own
infrastructure to trust such proxies, right?]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Adding module to Apache-httpd
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
Ruiyuan Jiang wrote:
> I compiled remoteip module and loaded it without problem.
> In one of my virtualhost of Apache reverse proxy, I added and tested:
>
> RemoteIPHeader X-Client-IP
> Or
> RemoteIPHeader X-Forwarded-For
>
> Or both
>
> I don't see the remote client IP is being forwarded to the backend server from Apache as it supposed to be. Does anyone know why or what I did wrong? Thanks.
There is the %{Header-Name}i syntax of the custom log, so you could easily
verify which header is actually in use. X-Forwarded-For is the usual 'public'
method, but nobody promises you'll have such information assigned. The other
example would entirely depend on your load balancer/router which picks up the
requests and has redispatched them. Usually such devices will *not* share any
info over the web, but replace that particular header unilaterally.
Also note the module will only set the IP address as 'authentic' when the remote
machine is trusted, see
http://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#remoteipinternalproxy
and the commentary at the top of that page.
[I'm thinking about a RemoteIPTrustedHeader directive that wouldn't deal with
that scrutiny, but I'm a bit hesitant. You know your own IP's of your own
infrastructure to trust such proxies, right?]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Adding module to Apache-httpd
Posted by Ruiyuan Jiang <Ru...@liz.com>.
I compiled remoteip module and loaded it without problem.
In one of my virtualhost of Apache reverse proxy, I added and tested:
RemoteIPHeader X-Client-IP
Or
RemoteIPHeader X-Forwarded-For
Or both
I don't see the remote client IP is being forwarded to the backend server from Apache as it supposed to be. Does anyone know why or what I did wrong? Thanks.
Ryan
-----Original Message-----
From: Nicholas.Kew@Sun.COM [mailto:Nicholas.Kew@Sun.COM] On Behalf Of Nick Kew
Sent: Friday, November 20, 2009 5:48 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Adding module to Apache-httpd
Ruiyuan Jiang wrote:
> Hi,
>
> I need the module "mod_remoteip" which is not included in the standard httpd-2.2.14 distribution.
http://httpd.apache.org/docs/2.2/programs/apxs.html
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Adding module to Apache-httpd
Posted by Nick Kew <ni...@webthing.com>.
Ruiyuan Jiang wrote:
> Hi,
>
> I need the module "mod_remoteip" which is not included in the standard httpd-2.2.14 distribution.
http://httpd.apache.org/docs/2.2/programs/apxs.html
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org