Nginx反向代理时apache日志获取真实IP

来源:本站原创 Linux 超过275 views围观 0条评论

php查看客户访问真实地址代码

<?php
function real_ip()
{
    static $realip = NULL;
    if ($realip !== NULL)
    {
        return $realip;
    }
 
    if (isset($_SERVER))
    {
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
        {
            $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
 
            /* 取X-Forwarded-For中第一个非unknown的有效IP字符串 */
            foreach ($arr AS $ip)
            {
                $ip = trim($ip);
 
                if ($ip != 'unknown')
                {
                    $realip = $ip;
 
                    break;
                }
            }
        }
        elseif (isset($_SERVER['HTTP_CLIENT_IP']))
        {
            $realip = $_SERVER['HTTP_CLIENT_IP'];
        }
        else
        {
            if (isset($_SERVER['REMOTE_ADDR']))
            {
                $realip = $_SERVER['REMOTE_ADDR'];
            }
            else
            {
                $realip = '0.0.0.0';
            }
        }
    }
    else
    {
        if (getenv('HTTP_X_FORWARDED_FOR'))
        {
            $realip = getenv('HTTP_X_FORWARDED_FOR');
        }
        elseif (getenv('HTTP_CLIENT_IP'))
        {
            $realip = getenv('HTTP_CLIENT_IP');
        }
        else
        {
            $realip = getenv('REMOTE_ADDR');
        }
    }
    preg_match("/[\d\.]{7,15}/", $realip, $onlineip);
    $realip = !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
    return $realip;
}
echo real_ip();
?>

nginx配置文件cat test.test.net.conf

log_format  test.test.net  '$remote_addr - $remote_user [$time_local] $request' '$status $body_bytes_sent $http_referer' '$http_user_agent $http_x_forwarded_for $upstream_cache_status';
server
    {
        listen       5555;
        server_name test.test.net;

        location / {

            proxy_connect_timeout 600s;
            proxy_read_timeout  600s;
            proxy_send_timeout  600s;

            proxy_buffer_size   32000k;
            proxy_buffers       1000 64000k;
            proxy_busy_buffers_size 128000k;
            proxy_temp_file_write_size 512000k;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_pass http://test.test.net:60081;

        }

        access_log  /usr/local/nginx/logs/test.test.net-access.log  test.test.net;

}

apache配置httpd.conf

添加%{X-FORWARDED-FOR}i

Apache日志配置文件中定义了两种打印格式,分别为combined格式和common格式。

本人使用combined格式

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h ClinetIp:%{X-FORWARDED-FOR}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b %{X-FORWARDED-FOR}i" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    CustomLog "logs/access_log" common

    #
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #
    #CustomLog "logs/access_log" combined
</IfModule>

虚拟机配置

<VirtualHost *:60081>
    ServerAdmin systemadmin@test.net
    ServerName test.test.net
    DocumentRoot /home/w/html/test
    ErrorLog "/home/w/html/test/test.test.net-error_log"
    CustomLog "/home/w/html/test/test.test.net-access_log" combined
</VirtualHost>

访问页面返回日志

网关IP:192.168.15.100

客户访问IP:192.168.15.101

192.168.15.100 ClinetIp:192.168.15.101 - - [12/Feb/2018:21:39:05 -0500] "GET / HTTP/1.0" 200 17 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6"

Apache日志格式

日志格式

Apache日志配置文件中定义了两种打印格式,分别为combined格式和common格式。

combined格式:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

common格式:

LogFormat "%h %l %u %t \"%r\" %>s %b" common

声明使用了combined日志格式和写入的文件名。

CustomLog "/var/log/apache2/access_log" combined
字段说明

字段格式

含义

%a

remote_ip

%A

local_ip

%B

size

%b

size

%D

time_taken_ms

%h

remote_host

%H

protocol

%l

ident

%m

method

%p

port

%P

pid

“%q”

url_query

“%r”

request

%s

status

%>s

status

%t

time

%T

time_taken

%u

remote_user

%U

url_stem

%v

server_name

%V

canonical_name

%I

bytes_received

%O

bytes_sent

“%{User-Agent}i”

user_agent

“%{Referer}i”

referer

文章出自:CCIE那点事 http://www.jdccie.com/ 版权所有。本站文章除注明出处外,皆为作者原创文章,可自由引用,但请注明来源。 禁止全文转载。
本文链接:http://www.jdccie.com/?p=3800转载请注明转自CCIE那点事
如果喜欢:点此订阅本站
  • 相关文章
  • 为您推荐
  • 各种观点

暂时还木有人评论,坐等沙发!
发表评论

您必须 [ 登录 ] 才能发表留言!