Hi MP2 users,
I haven't kept up with mod_perl development for a little while so I apologize in advance. I did a lot of RTFM, searching of mailing list archives and some soul searching before posting this.
I looked at the Changes file for 1.99_15 and saw that a lot of Apache::Connection fields were now readonly.
I followed the discussion at the thread: http://marc.theaimsgroup.com/?t=109215131300005&r=1&w=2 or for a single-page view: http://gossamer-threads.com/lists/modperl/dev/71393
Quoting, Stas's last message on this thread:
Thanks Tom, but I'm still not convinced, that it's a goodness to expose those. Let's discuss each one separately.
I wanted to discuss making remote_ip settable (sorry no sub-test here - don't know how to write one).
I am currently using read/write remote_ip (pre 1.99_15) in production right now. Making it readonly breaks the following functionality.
If you search the modperl users' mailing list for the following search terms:
x-forwarded-for remote_ip
here's a link to the search: http://marc.theaimsgroup.com/?l=apache-modperl&w=2&r=1&s=x-forwarded-for+remote_ip&q=b
The most requested use for being able to set remote_ip is due to the very popular reverse proxy setup for typical mod_perl installations. Light apache in the front-end, heavy mod_perl apache in the back-end.
The front end has the following reverse proxy directives:
ProxyPass /perl/ http://localhost:8103/perl/ ProxyPassReverse /perl/ http://localhost:8103/perl/
Due to the reverse proxy setup, the original client IP is lost and all IP addresses are reported as 127.0.0.1 (front-end). Since mod_proxy conveniently adds a X-Forwarded-For header to the proxied requests automatically, you can indeed grab the last value in that header and then use it to "set" remote_ip to the client's IP so that the back-end receives the client's IP.
Typical usage is to use, for e.g.:
PerlPostReadRequestHandler My::ProxyRemoteAddr
in your apache conf file.
and then in your startup.pl have something like:
# use the X-Forwarded-For header to recover the remote client's ip
sub My::ProxyRemoteAddr ($) {
my $r = shift; # we'll only look at the X-Forwarded-For header if the requests
# comes from our proxy at localhost
return Apache::OK
unless
($r->connection->remote_ip =~
m#^(127.0.0.1|localhost.localdomain)$#)
and $r->header_in('X-Forwarded-For');# Select last value in the chain -- original client's ip
if( my( $ip ) = $r->headers_in->{'X-Forwarded-For'} =~ /([^,\s]+)$/ ) {
$r->connection->remote_ip($ip);
}
return Apache::OK; }
How would I achieve the same functionality without making remote_ip read/write? How are you guys using post 1.99_15 in production and are still able to get the original client IP to the back-end? Curious minds wanna know....
Regards, -- Haroon Rafique <[EMAIL PROTECTED]>
-- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
