Posted to users@tomcat.apache.org by Mark <se...@yahoo.com> on 2005/01/27 21:28:42 UTC

logging remote IP address

Hi,
Can anybody help how to log remote IP internal address using catalina
logger (org.apache.catalina.*) classes and Http request class?

request.getRemoteAddr() returns only one IP, but I'd like to see if
the request came from subnetwork or not:

I'm looking for both values external IP and internal so my log will
look like:

200.200.200.200 (192.168.1.2) - - [5/Jan/2005:15:56:23 -0500] "GET
/test/index.jsp HTTP/1.0" 200 354

Thanks,
Mark.


		
 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Re: logging remote IP address

Posted by Dakota Jack <da...@gmail.com>.
I don't know what you mean by "I've seen on some webpages [sic] that
My [sic] IP is displayed as both external and internal".  The IP
address is for the internet and there is only one.  You may have
internal routing.  That is different.  I don't know what you mean
about webpages displaying your internal routing, if that is what you
mean.  That sounds sort of impossible to me.  See below:

<snip>
On Fri, 28 Jan 2005 08:21:15 -0800 (PST), Mark <se...@yahoo.com> wrote:
> I'm just trying to see if http request that came from one IP address
> has more than 1 client behind it. I've seen on some webpages that My
> IP is displayed as both external and internal - so it means it's
> doable - but the question is how to get this info in Tomcat.
</snip>

There is good news and bad news.  First, the bad.  You cannot get
internal (e.g. intranet information) routing information from the
request.   Second, the good: which has two parts.  First part: thank
God, because this would expose you mercilessly to the outside if
the request had this information. Second part: thank God, because you
don't need this information in the request.  If you want to see the
direction back to a machine that is sending a request from any
network, that will be in the request without the internals of the
network being there.  The responder will know how to get to your
network and your network will know how to get to the machine.  So, all
is well that ends well.

Jack

-- 
------------------------------

"You can lead a horse to water but you cannot make it float on its back."

~Dakota Jack~

"You can't wake a person who is pretending to be asleep."

~Native Proverb~

"Each man is good in His sight. It is not necessary for eagles to be crows."

~Hunkesni (Sitting Bull), Hunkpapa Sioux~

-----------------------------------------------

"This message may contain confidential and/or privileged information.
If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose, or take any action based
on this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation."



Re: logging remote IP address

Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Mark wrote:
> I'm just trying to see if http request that came from one IP address
> has more than 1 client behind it. I've seen on some webpages that My
> IP is displayed as both external and internal - so it means it's
> doable - but the question is how to get this info in Tomcat.
> 
If your local and your external (NATed) IP addresses are both displayed 
by a webpage you access, you are almost certainly accessing this site 
via a proxy that set the "X-Forwarded-For" HTTP-header-field to contain 
your local IP (the IP the proxy itself was accessed from).
But that's nothing you can rely on.

Regards
   mks
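
Added example (not part of the post above and not Tomcat code): one way to
log the X-Forwarded-For value beside the address from request.getRemoteAddr()
while treating it as an unverified, client-supplied claim. The class name,
the TRUSTED_PROXIES set and all sample addresses are assumptions made for
illustration.

```java
import java.util.Set;
import java.util.regex.Pattern;

public class ForwardedForLog {
    // Assumption: addresses of reverse proxies you run yourself (constructed value).
    static final Set<String> TRUSTED_PROXIES = Set.of("10.0.0.5");

    // Only characters that can occur in an IPv4/IPv6 literal; the header is
    // client-controlled, so anything else (quotes, CR/LF, spaces) is rejected
    // before it can reach the log file.
    static final Pattern IP_LIKE = Pattern.compile("[0-9A-Fa-f:.]{2,45}");

    // remoteAddr: what request.getRemoteAddr() returned (the TCP peer).
    // xff: what request.getHeader("X-Forwarded-For") returned, may be null.
    static String clientField(String remoteAddr, String xff) {
        if (xff == null || xff.trim().isEmpty()) {
            return remoteAddr + " (-)";
        }
        StringBuilder claimed = new StringBuilder();
        for (String hop : xff.split(",")) {
            String h = hop.trim();
            if (!IP_LIKE.matcher(h).matches()) {
                return remoteAddr + " (invalid)";
            }
            if (claimed.length() > 0) claimed.append(',');
            claimed.append(h);
        }
        // The header is only as trustworthy as whoever set it: mark it unless
        // the TCP peer is one of our own proxies.
        String tag = TRUSTED_PROXIES.contains(remoteAddr) ? "" : "unverified:";
        return remoteAddr + " (" + tag + claimed + ")";
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        System.out.println(clientField("200.200.200.200", "192.168.1.2"));
        System.out.println(clientField("10.0.0.5", "192.168.1.2, 172.16.0.9"));
        System.out.println(clientField("203.0.113.7", null));
        System.out.println(clientField("203.0.113.7", "1.2.3.4\" 200 0\r\nfake"));
    }
}
```

The last sample carries a quote and a line break in the header; it is logged
as "(invalid)" rather than being copied into the access log.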



Re: logging remote IP address

Posted by Dakota Jack <da...@gmail.com>.
Richard Mixon is, as usual, dead-on right.  A good primer is
http://webserver.cpg.com/ws/3.4/

<snip>
> A major purpose of a NAT style firewall is to hide the private ip
> addresses behind the firewall. If it allowed this information out it
> would be a security compromise - the network topology behind the
> firewall is to be kept secret.
> 
> I may be wrong, but I believe any web page you have been to that also
> showed in the browser/client's internal private IP address must have had
> a plugin - either an ActiveX or other type of plugin was probably
> involved.
> 
> HTH - Richard
</snip>

Jack


-- 
------------------------------

"You can lead a horse to water but you cannot make it float on its back."

~Dakota Jack~

"You can't wake a person who is pretending to be asleep."

~Native Proverb~

"Each man is good in His sight. It is not necessary for eagles to be
crows.  We are poor . . . but we are free."

~Hunkesni (Sitting Bull), Hunkpapa Sioux~



RE: logging remote IP address

Posted by "Richard Mixon (qwest)" <rn...@qwest.net>.
Mark wrote:
> I'm just trying to see if http request that came from one IP address
> has more than 1 client behind it. I've seen on some webpages that My
> IP is displayed as both external and internal - so it means it's
> doable - but the question is how to get this info in Tomcat.

A major purpose of a NAT style firewall is to hide the private ip
addresses behind the firewall. If it allowed this information out it
would be a security compromise - the network topology behind the
firewall is to be kept secret.

I may be wrong, but I believe any web page you have been to that also
showed in the browser/client's internal private IP address must have had
a plugin - either an ActiveX or other type of plugin was probably
involved.

HTH - Richard




Re: logging remote IP address

Posted by Mark <se...@yahoo.com>.
I'm just trying to see if http request that came from one IP address
has more than 1 client behind it. I've seen on some webpages that My
IP is displayed as both external and internal - so it means it's
doable - but the question is how to get this info in Tomcat.


--- Parsons Technical Services <pa...@earthlink.net> wrote:

> If what you are trying to see is the private IP of a machine then you will
> only have success if the machine was named the IP. Not likely. The IP is not
> stored in the HTTP header (Unless I missed it) but is derived from the
> TCP/IP packet. When a machine is on a private network this address is
> rewritten by the "router" that provides NAT or PAT translation.
>
> The one IP that is returned is the IP given by the "router". Or is the
> actual IP of the machine.
> 
> If I misunderstood what you needed let me know.
> 
> Doug
> 


Re: logging remote IP address

Posted by Parsons Technical Services <pa...@earthlink.net>.
If what you are trying to see is the private IP of a machine then you will 
only have success if the machine was named the IP. Not likely. The IP is not 
stored in the HTTP header (Unless I missed it) but is derived from the 
TCP/IP packet. When a machine is on a private network this address is 
rewritten by the "router" that provides NAT or PAT translation.

The one IP that is returned is the IP given by the "router". Or is the 
actual IP of the machine.

If I misunderstood what you needed let me know.

Doug
