我正在使用 nginx <=> varnish <=> apache
我正在通过 nginx 将客户端 IP 传递给 varnishproxy_set_header X-Forwarded-For $remote_addr;
但是 varnish 还将 X-Forwarded-For 添加为 127.0.0.1,因此 apache 显示基于逗号的 2 个 IP。
我只需要 nginx 发送 IP,我只想禁用 varnish 添加 127.0.0.1
varnish 版本 3.0.0 这里是 default.vcl
后端默认 { .host = “204.29.58.4”; .port = “80”; } sub vcl_recv { if (req.http.Range) { return(pipe); } }
答案1
默认vcl_recv函数(附加到您的函数)包含以下内容:
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
..这会修改标头。为了防止这种情况发生,您应该将其vcl_recv实现为始终返回的完整函数,而不是依赖于附加默认行为,其中包含您不想要的配置。如下所示:
sub vcl_recv {
if (req.http.Range) {
return(pipe);
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}