@john wrote:
I’m trying to get the real IP from cloudflare clients using the CF-real-ip header. I’ve done this successfully on nginx using the real IP module.
The way I attempted to do it with haproxy is setting a variable, and logging based on it. For some reason why I do this half of my logs are empty.
This is my configuration:
# Check if CF header set acl is_real_ip hdr_ip(CF-Connecting-IP) -m len 0 # Header set, set txn.real_ip to CF ip http-request set-var(txn.real_ip) hdr_ip(CF-Connecting-IP) if ! is_real_ip # Set txn.real_ip to src ip http-request set-var(txn.real_ip) src if is_real_ip log-format "%[var(txn.real_ip)] %cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"I would think based on this food either get the source IP or the cloudflare IP, but sometimes they are empty, and
%[var(txn.real_ip)]is replaced with'-'.I’m also not sure if there’s an easier way to do it than this.
Posts: 1
Participants: 1
