From 8aa45f03160cb32298f1c517f3c8868bba50d7e6 Mon Sep 17 00:00:00 2001 From: tfheen Date: Mon, 29 Sep 2008 10:49:12 +0000 Subject: [PATCH] Make it possible to make varnishncsa prefer X-Forwarded-For Add -f to varnishncsa, this makes varnishncsa prefer X-Forwarded-For over client.ip Closes: #335 Thanks to "191919" for the patch. git-svn-id: svn+ssh://projects.linpro.no/svn/varnish/trunk@3237 d4fa192b-c00b-0410-8231-f00ffab90ce4 --- varnish-cache/bin/varnishncsa/varnishncsa.1 | 6 ++++++ varnish-cache/bin/varnishncsa/varnishncsa.c | 14 +++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/varnish-cache/bin/varnishncsa/varnishncsa.1 b/varnish-cache/bin/varnishncsa/varnishncsa.1 index 7c1477d2..aef5e660 100644 --- a/varnish-cache/bin/varnishncsa/varnishncsa.1 +++ b/varnish-cache/bin/varnishncsa/varnishncsa.1 @@ -92,6 +92,12 @@ Normally, .Nm will only process entries which are written to the log after it starts. +.It Fl f +Prefer the +.Va X-Forwarded-For +HTTP header over +.Va client.ip +in the log output. .It Fl I Ar regex Include log entries which match the specified regular expression. If neither diff --git a/varnish-cache/bin/varnishncsa/varnishncsa.c b/varnish-cache/bin/varnishncsa/varnishncsa.c index 8e7d6df8..69b8df56 100644 --- a/varnish-cache/bin/varnishncsa/varnishncsa.c +++ b/varnish-cache/bin/varnishncsa/varnishncsa.c @@ -91,6 +91,7 @@ static struct logline { char *df_Referer; /* %{Referer}i */ char *df_Uq; /* %U%q, URL path and query string */ char *df_User_agent; /* %{User-agent}i */ + char *df_X_Forwarded_For; /* %{X-Forwarded-For}i */ char *df_b; /* %b, Bytes */ char *df_h; /* %h (host name / IP adress)*/ char *df_m; /* %m, Request method*/ @@ -101,6 +102,7 @@ static struct logline { } **ll; static size_t nll; +static int prefer_x_forwarded_for = 0; static int isprefix(const char *str, const char *prefix, const char *end, const char **next) @@ -240,6 +242,8 @@ collect_backend(struct logline *lp, enum shmlogtag tag, unsigned spec, else if (isprefix(ptr, "authorization:", end, &next) && isprefix(next, "basic", end, &next)) lp->df_u = trimline(next, end); + else if (isprefix(ptr, "x-forwarded-for:", end, &next)) + lp->df_X_Forwarded_For = trimline(next, end); else if (isprefix(ptr, "host:", end, &next)) lp->df_Host = trimline(next, end); break; @@ -312,6 +316,8 @@ collect_client(struct logline *lp, enum shmlogtag tag, unsigned spec, else if (isprefix(ptr, "authorization:", end, &next) && isprefix(next, "basic", end, &next)) lp->df_u = trimline(next, end); + else if (isprefix(ptr, "x-forwarded-for:", end, &next)) + lp->df_X_Forwarded_For = trimline(next, end); else if (isprefix(ptr, "host:", end, &next)) lp->df_Host = trimline(next, end); break; @@ -396,6 +402,8 @@ h_ncsa(void *priv, enum shmlogtag tag, unsigned fd, /* %h */ if (!lp->df_h && spec & VSL_S_BACKEND) fprintf(fo, "127.0.0.1 "); + else if (lp->df_X_Forwarded_For && prefer_x_forwarded_for) + fprintf(fo, "%s ", lp->df_X_Forwarded_For); else fprintf(fo, "%s ", lp->df_h ? lp->df_h : "-"); @@ -463,6 +471,7 @@ h_ncsa(void *priv, enum shmlogtag tag, unsigned fd, freez(lp->df_Referer); freez(lp->df_Uq); freez(lp->df_User_agent); + freez(lp->df_X_Forwarded_For); freez(lp->df_b); freez(lp->df_h); freez(lp->df_m); @@ -520,11 +529,14 @@ main(int argc, char *argv[]) vd = VSL_New(); - while ((c = getopt(argc, argv, VSL_ARGS "aDn:P:Vw:")) != -1) { + while ((c = getopt(argc, argv, VSL_ARGS "aDn:P:Vw:f")) != -1) { switch (c) { case 'a': a_flag = 1; break; + case 'f': + prefer_x_forwarded_for = 1; + break; case 'D': D_flag = 1; break; -- 2.39.5