You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by Lucien Gentis <lu...@univ-lorraine.fr> on 2017/04/08 15:28:53 UTC
mod_remoteip.xml
Hello,
Trunk branch : mod_remoteip.xml file,
<name>RemoteIPProxyProtocolExceptions</name> directive :
"<usage>
<p>The <directive>RemoteIPProxyProtocol</directive> directive
enables or"
must probably be replaced by :
"<usage>
<p>The <directive>RemoteIPProxyProtocolExceptions</directive>
directive enables or"
Same file : I'm not quite sure to understand the phrase "This is
generally useful for monitoring and administrative
traffic to a virtual host direct to the server behind the upstream load
balancer."
Lucien
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
Re: mod_remoteip.xml
Posted by Luca Toscano <to...@gmail.com>.
2017-04-27 13:10 GMT+02:00 Lucien Gentis <lu...@univ-lorraine.fr>:
>
>
> Le 27/04/2017 à 10:57, Luca Toscano a écrit :
>
>
>
> 2017-04-23 17:16 GMT+02:00 Lucien Gentis <lu...@univ-lorraine.fr>:
>
>>
>>
>> Le 14/04/2017 à 15:26, Lucien Gentis a écrit :
>>
>> Hello Luca,
>>
>> Apologize for not answering.
>>
>> I come back next week
>>
>> Lucien
>>
>> Le 10/04/2017 à 19:20, Luca Toscano a écrit :
>>
>> Hello Lucien,
>>
>> 2017-04-08 17:28 GMT+02:00 Lucien Gentis <lu...@univ-lorraine.fr>
>> :
>>
>>> Hello,
>>>
>>> Trunk branch : mod_remoteip.xml file, <name>RemoteIPProxyProtocolExceptions</name>
>>> directive :
>>>
>>> "<usage>
>>> <p>The <directive>RemoteIPProxyProtocol</directive> directive
>>> enables or"
>>>
>>> must probably be replaced by :
>>>
>>> "<usage>
>>> <p>The <directive>RemoteIPProxyProtocolExceptions</directive>
>>> directive enables or"
>>>
>>
>>
>> I checked the last pending doc changes and the complete diff is:
>>
>> + <p>The <code class="directive">RemoteIPProxyProtocol</code>
>> directive enables or
>> + disables the reading and handling of the PROXY protocol connection
>> header.
>> + Sometimes it is desirable to require clients to provide the PROXY
>> header, but
>> + permit other clients to connect without it. This directive allows a
>> server
>> + administrator to configure a single host or CIDR range of hosts that
>> may do
>> + so. This is generally useful for monitoring and administrative
>> traffic to a
>> + virtual host direct to the server behind the upstream load
>> balancer.</p>
>> +
>>
>> It may need to be explained a bit better but IIUC the paragraph is saying
>> that since RemoteIPProxyProtocol is a on/off switch,
>> RemoteIPProxyProtocolExceptions can be used to fine tune exceptions.
>>
>>
>> OK, it's actually referencing RemoteIPProxyProtocol directive.
>>
>>
>>
>>> Same file : I'm not quite sure to understand the phrase "This is
>>> generally useful for monitoring and administrative
>>> traffic to a virtual host direct to the server behind the upstream
>>> load
>>> balancer."
>>>
>>
>> Definitely not clear, need a bit of rework. Do you have something in mind
>> to fix it?
>>
>>
>> As far as I understand it, this directive allows to know client real IP
>> address, and so better analyse a connection stream ; so, this phrase could
>> be : "This is generally useful for monitoring network stream between
>> clients and backend servers situated behind a load balancer"
>>
>
> After reading https://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#
> remoteipproxyprotocolexceptions again I think that the sentence should be
> removed, since it is well explained by what comes before it :)
>
> Luca
>
>
> Perhaps Daniel Ruggeri could clarify that ?
>
Removed the sentence in http://svn.apache.org/r1794142, I'll wait a bit
before backporting to 2.4.x to see if anybody will chime in.
Luca
Re: mod_remoteip.xml
Posted by Lucien Gentis <lu...@univ-lorraine.fr>.
Le 27/04/2017 � 10:57, Luca Toscano a �crit :
>
>
> 2017-04-23 17:16 GMT+02:00 Lucien Gentis
> <lucien.gentis@univ-lorraine.fr <ma...@univ-lorraine.fr>>:
>
>
>
> Le 14/04/2017 � 15:26, Lucien Gentis a �crit :
>>
>> Hello Luca,
>>
>> Apologize for not answering.
>>
>> I come back next week
>>
>> Lucien
>>
>>
>> Le 10/04/2017 � 19:20, Luca Toscano a �crit :
>>> Hello Lucien,
>>>
>>> 2017-04-08 17:28 GMT+02:00 Lucien Gentis
>>> <lucien.gentis@univ-lorraine.fr
>>> <ma...@univ-lorraine.fr>>:
>>>
>>> Hello,
>>>
>>> Trunk branch : mod_remoteip.xml file,
>>> <name>RemoteIPProxyProtocolExceptions</name> directive :
>>>
>>> "<usage>
>>> <p>The <directive>RemoteIPProxyProtocol</directive>
>>> directive enables or"
>>>
>>> must probably be replaced by :
>>>
>>> "<usage>
>>> <p>The
>>> <directive>RemoteIPProxyProtocolExceptions</directive>
>>> directive enables or"
>>>
>>>
>>>
>>> I checked the last pending doc changes and the complete diff is:
>>>
>>> + <p>The <code class="directive">RemoteIPProxyProtocol</code>
>>> directive enables or
>>> + disables the reading and handling of the PROXY protocol
>>> connection header.
>>> + Sometimes it is desirable to require clients to provide the
>>> PROXY header, but
>>> + permit other clients to connect without it. This directive
>>> allows a server
>>> + administrator to configure a single host or CIDR range of
>>> hosts that may do
>>> + so. This is generally useful for monitoring and
>>> administrative traffic to a
>>> + virtual host direct to the server behind the upstream load
>>> balancer.</p>
>>> +
>>> It may need to be explained a bit better but IIUC the paragraph
>>> is saying that since RemoteIPProxyProtocol is a on/off switch,
>>> RemoteIPProxyProtocolExceptions can be used to fine tune exceptions.
>
> OK, it's actually referencing RemoteIPProxyProtocol directive.
>
>>>
>>>
>>> Same file : I'm not quite sure to understand the phrase
>>> "This is generally useful for monitoring and administrative
>>> traffic to a virtual host direct to the server behind
>>> the upstream load
>>> balancer."
>>>
>>>
>>> Definitely not clear, need a bit of rework. Do you have
>>> something in mind to fix it?
>
> As far as I understand it, this directive allows to know client
> real IP address, and so better analyse a connection stream ; so,
> this phrase could be : "This is generally useful for monitoring
> network stream between clients and backend servers situated behind
> a load balancer"
>
>
> After reading
> https://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#remoteipproxyprotocolexceptions
> again I think that the sentence should be removed, since it is well
> explained by what comes before it :)
>
> Luca
PerhapsDaniel Ruggeri could clarify that ?
--
Lucien GENTIS
UNIVERSITE DE LORRAINE - ESPE
Centre de Ressources Informatiques
5, Rue Paul Richard
C.O. 3 - MAXEVILLE
54528 LAXOU-CEDEX
T�l. 03 72 74 13 28
Email : lucien.gentis@univ-lorraine.fr
Re: mod_remoteip.xml
Posted by Luca Toscano <to...@gmail.com>.
2017-04-23 17:16 GMT+02:00 Lucien Gentis <lu...@univ-lorraine.fr>:
>
>
> Le 14/04/2017 à 15:26, Lucien Gentis a écrit :
>
> Hello Luca,
>
> Apologize for not answering.
>
> I come back next week
>
> Lucien
>
> Le 10/04/2017 à 19:20, Luca Toscano a écrit :
>
> Hello Lucien,
>
> 2017-04-08 17:28 GMT+02:00 Lucien Gentis <lu...@univ-lorraine.fr>:
>
>> Hello,
>>
>> Trunk branch : mod_remoteip.xml file, <name>RemoteIPProxyProtocolExceptions</name>
>> directive :
>>
>> "<usage>
>> <p>The <directive>RemoteIPProxyProtocol</directive> directive
>> enables or"
>>
>> must probably be replaced by :
>>
>> "<usage>
>> <p>The <directive>RemoteIPProxyProtocolExceptions</directive>
>> directive enables or"
>>
>
>
> I checked the last pending doc changes and the complete diff is:
>
> + <p>The <code class="directive">RemoteIPProxyProtocol</code>
> directive enables or
> + disables the reading and handling of the PROXY protocol connection
> header.
> + Sometimes it is desirable to require clients to provide the PROXY
> header, but
> + permit other clients to connect without it. This directive allows a
> server
> + administrator to configure a single host or CIDR range of hosts that
> may do
> + so. This is generally useful for monitoring and administrative
> traffic to a
> + virtual host direct to the server behind the upstream load
> balancer.</p>
> +
>
> It may need to be explained a bit better but IIUC the paragraph is saying
> that since RemoteIPProxyProtocol is a on/off switch,
> RemoteIPProxyProtocolExceptions can be used to fine tune exceptions.
>
>
> OK, it's actually referencing RemoteIPProxyProtocol directive.
>
>
>
>> Same file : I'm not quite sure to understand the phrase "This is
>> generally useful for monitoring and administrative
>> traffic to a virtual host direct to the server behind the upstream
>> load
>> balancer."
>>
>
> Definitely not clear, need a bit of rework. Do you have something in mind
> to fix it?
>
>
> As far as I understand it, this directive allows to know client real IP
> address, and so better analyse a connection stream ; so, this phrase could
> be : "This is generally useful for monitoring network stream between
> clients and backend servers situated behind a load balancer"
>
After reading
https://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#remoteipproxyprotocolexceptions
again I think that the sentence should be removed, since it is well
explained by what comes before it :)
Luca
Re: mod_remoteip.xml
Posted by Lucien Gentis <lu...@univ-lorraine.fr>.
Le 14/04/2017 � 15:26, Lucien Gentis a �crit :
>
> Hello Luca,
>
> Apologize for not answering.
>
> I come back next week
>
> Lucien
>
>
> Le 10/04/2017 � 19:20, Luca Toscano a �crit :
>> Hello Lucien,
>>
>> 2017-04-08 17:28 GMT+02:00 Lucien Gentis
>> <lucien.gentis@univ-lorraine.fr <ma...@univ-lorraine.fr>>:
>>
>> Hello,
>>
>> Trunk branch : mod_remoteip.xml file,
>> <name>RemoteIPProxyProtocolExceptions</name> directive :
>>
>> "<usage>
>> <p>The <directive>RemoteIPProxyProtocol</directive>
>> directive enables or"
>>
>> must probably be replaced by :
>>
>> "<usage>
>> <p>The
>> <directive>RemoteIPProxyProtocolExceptions</directive> directive
>> enables or"
>>
>>
>>
>> I checked the last pending doc changes and the complete diff is:
>>
>> + <p>The <code class="directive">RemoteIPProxyProtocol</code>
>> directive enables or
>> + disables the reading and handling of the PROXY protocol
>> connection header.
>> + Sometimes it is desirable to require clients to provide the
>> PROXY header, but
>> + permit other clients to connect without it. This directive
>> allows a server
>> + administrator to configure a single host or CIDR range of hosts
>> that may do
>> + so. This is generally useful for monitoring and administrative
>> traffic to a
>> + virtual host direct to the server behind the upstream load
>> balancer.</p>
>> +
>> It may need to be explained a bit better but IIUC the paragraph is
>> saying that since RemoteIPProxyProtocol is a on/off switch,
>> RemoteIPProxyProtocolExceptions can be used to fine tune exceptions.
OK, it's actually referencing RemoteIPProxyProtocol directive.
>>
>>
>> Same file : I'm not quite sure to understand the phrase "This is
>> generally useful for monitoring and administrative
>> traffic to a virtual host direct to the server behind the
>> upstream load
>> balancer."
>>
>>
>> Definitely not clear, need a bit of rework. Do you have something in
>> mind to fix it?
As far as I understand it, this directive allows to know client real IP
address, and so better analyse a connection stream ; so, this phrase
could be : "This is generally useful for monitoring network stream
between clients and backend servers situated behind a load balancer"
>>
>> Luca
>>
>
> --
> Lucien GENTIS
> UNIVERSITE DE LORRAINE - ESPE
> Centre de Ressources Informatiques
> 5, Rue Paul Richard
> C.O. 3 - MAXEVILLE
> 54528 LAXOU-CEDEX
>
> T�l. 03 72 74 13 28
> Email :lucien.gentis@univ-lorraine.fr
Re: mod_remoteip.xml
Posted by Luca Toscano <to...@gmail.com>.
Hello Lucien,
2017-04-08 17:28 GMT+02:00 Lucien Gentis <lu...@univ-lorraine.fr>:
> Hello,
>
> Trunk branch : mod_remoteip.xml file, <name>RemoteIPProxyProtocolExceptions</name>
> directive :
>
> "<usage>
> <p>The <directive>RemoteIPProxyProtocol</directive> directive
> enables or"
>
> must probably be replaced by :
>
> "<usage>
> <p>The <directive>RemoteIPProxyProtocolExceptions</directive>
> directive enables or"
>
I checked the last pending doc changes and the complete diff is:
+ <p>The <code class="directive">RemoteIPProxyProtocol</code> directive
enables or
+ disables the reading and handling of the PROXY protocol connection
header.
+ Sometimes it is desirable to require clients to provide the PROXY
header, but
+ permit other clients to connect without it. This directive allows a
server
+ administrator to configure a single host or CIDR range of hosts that
may do
+ so. This is generally useful for monitoring and administrative traffic
to a
+ virtual host direct to the server behind the upstream load
balancer.</p>
+
It may need to be explained a bit better but IIUC the paragraph is saying
that since RemoteIPProxyProtocol is a on/off switch,
RemoteIPProxyProtocolExceptions can be used to fine tune exceptions.
> Same file : I'm not quite sure to understand the phrase "This is generally
> useful for monitoring and administrative
> traffic to a virtual host direct to the server behind the upstream load
> balancer."
>
Definitely not clear, need a bit of rework. Do you have something in mind
to fix it?
Luca