由於大家都只對revere proxy連線,實際存取apache的就只有reverse proxy而已,若是不透過reverse proxy,apache的log可以清楚的紀錄每一個連線的ip,但是透過了reverse proxy之後,所有瀏覽紀錄會變成只剩下一個..雖然說reverse proxy也可以留下紀錄,但是遇到有問題要比對時就相當麻煩了,所以還是希望apache可以記錄到原始的ip。
這時候可以安裝mod_rpaf的模組,來達到透過reverse proxy也可以得到真實ip的功能~~
1. Retrieve and Extract mod_rpaf packages:
QUOTE:
# cd /usr/local/src
# wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
# tar xzvf mod_rpaf-0.6.tar.gz
# cd mod_rpaf-0.6
2. Build and install mod_rpaf
QUOTE:
# apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
3. Add mod_rpaf to Apache configuration
QUOTE:
# vi /etc/httpd/conf/httpd.conf
- Find the “LoadModule” list (near the top)
- Add the following lines at the bottom of the “LoadModule” list:LoadModule rpaf_module modules/mod_rpaf-2.0.so# mod_rpaf ConfigurationRPAFenable OnRPAFsethostname OnRPAFproxy_ips 127.0.0.1 10.0.0.1RPAFheader X-Forwarded-ForWhere “127.0.0.1 10.0.0.1″ is, add your proxy server IP address(es). This will ensure that mod_rpaf checks for the X-Forwarded-For header from these hosts only.4. FinishRestart Apache for the changes to take effect#service httpd restart5. Troubleshooting
The following dependencies may need to be installed before installing mod_rpaf:
httpd-devel, gcc
They can be installed using the following commands:
QUOTE:
#yum install httpd-devel gcc
這樣就可以囉~~