Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Clients' address in access log

Status
Not open for further replies.
tensaibakabon

tensaibakabon

Programmer
Mar 14, 2002
3
JP
Hi everyone,

I have been trying to figure out how to properly log clients' ip addresses in apache's access log...

Server spec is as follows:

Redhat 9.0
Kernel 2.4.21
Apache 1.3.28

The server is behind a router that forwards its incoming requests to port 80 to port 80 of the server. The problem is that all the log entries in apache's access log are logged as requests coming from the router, and I get router's ip address for all the log entries...

If I check the client's access using netstat command, I also get router's ip address as the client's address for all the http connections.
But connections to other ports such as SSH(22), seem to log the right client's ip and not the address of the router(connection to ssh is also forwarded by the router).

I'm not sure if this is an apache related problem in the first place, but I've been looking around for a solution for a while now, and can't seem to find anything....

Any help/suggestions would be greatly appreciated.

Thanks in advance.
 
Sort by date Sort by votes
This would be a problem with your router. It doesn't seem to properly forward the connections, but rather seems to be acting as a proxy.

//Daniel
 
Upvote 0 Downvote
Daniel,

Thanks very much for your reply.

If it's acting as a proxy, then why would sshd be logging the right client's ip address?

But since I'm no expert in the networking field, my router may be acting as a proxy, and not as NAT, like you said....

If this is the case, what could I do to have my router not act as a proxy?

I guess it all depends on how configurable the router is, but I'm wondering if it's fairly standard to have such an option in the first place?? Making your router work as proxy or not?

Do I just have to get some other router? :(
 
Upvote 0 Downvote
Proxies can only handle certain protocols, HTTP being the most common one. Some more expensive firewalls have proxies to help defend your server against certain attacks.
If there is no option to disable this feature in your router, you would have to buy a new one if you really need the client's IP address.

//Daniel
 
Upvote 0 Downvote
Daniel,

Thanks again for your reply.

I have found out what the problem was!

There is an option for my router to discard any PING that comes from WAN, and I had that enabled. After I disabled it, apache seems to be logging the right client ip addresses...

So I guess I don't have to get a new router! :)

Thank you very much for your help.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

donald lepariku
  • Locked
  • Question
Error: 694, Severity: 24, State: 10 An attempt was made to read logical page '153', virtpage '616' f 1
Replies
3
Views
401
spamjim
spamjim
hobbytech
  • Locked
  • Question
Internet not connecting
Replies
5
Views
416
Stephen_Hawk
Stephen_Hawk
bhuv560
  • Locked
  • Question
Postfix Installation on EC2 AWS Linux
Replies
0
Views
184
bhuv560
bhuv560
KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
266
ChrisHirst
ChrisHirst
msk69
  • Locked
  • Question
RHEL 7 installation error
Replies
1
Views
294
msk69
msk69

Part and Inventory Search

Sponsor

Back
Top