Nginx反向代理時apache日志獲取真實IP

來源:本站原創 Linux 超過350 views圍觀 0條評論

php查看客戶訪問真實地址代碼

<?php
function real_ip()
{
    static $realip = NULL;
    if ($realip !== NULL)
    {
        return $realip;
    }
 
    if (isset($_SERVER))
    {
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
        {
            $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
 
            /* 取X-Forwarded-For中第一個非unknown的有效IP字符串 */
            foreach ($arr AS $ip)
            {
                $ip = trim($ip);
 
                if ($ip != 'unknown')
                {
                    $realip = $ip;
 
                    break;
                }
            }
        }
        elseif (isset($_SERVER['HTTP_CLIENT_IP']))
        {
            $realip = $_SERVER['HTTP_CLIENT_IP'];
        }
        else
        {
            if (isset($_SERVER['REMOTE_ADDR']))
            {
                $realip = $_SERVER['REMOTE_ADDR'];
            }
            else
            {
                $realip = '0.0.0.0';
            }
        }
    }
    else
    {
        if (getenv('HTTP_X_FORWARDED_FOR'))
        {
            $realip = getenv('HTTP_X_FORWARDED_FOR');
        }
        elseif (getenv('HTTP_CLIENT_IP'))
        {
            $realip = getenv('HTTP_CLIENT_IP');
        }
        else
        {
            $realip = getenv('REMOTE_ADDR');
        }
    }
    preg_match("/[\d\.]{7,15}/", $realip, $onlineip);
    $realip = !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
    return $realip;
}
echo real_ip();
?>

nginx配置文件cat test.test.net.conf

log_format  test.test.net  '$remote_addr - $remote_user [$time_local] $request' '$status $body_bytes_sent $http_referer' '$http_user_agent $http_x_forwarded_for $upstream_cache_status';
server
    {
        listen       5555;
        server_name test.test.net;

        location / {

            proxy_connect_timeout 600s;
            proxy_read_timeout  600s;
            proxy_send_timeout  600s;

            proxy_buffer_size   32000k;
            proxy_buffers       1000 64000k;
            proxy_busy_buffers_size 128000k;
            proxy_temp_file_write_size 512000k;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_pass http://test.test.net:60081;

        }

        access_log  /usr/local/nginx/logs/test.test.net-access.log  test.test.net;

}

apache配置httpd.conf

添加%{X-FORWARDED-FOR}i

Apache日志配置文件中定義了兩種打印格式,分別為combined格式和common格式。

本人使用combined格式

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h ClinetIp:%{X-FORWARDED-FOR}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b %{X-FORWARDED-FOR}i" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    CustomLog "logs/access_log" common

    #
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #
    #CustomLog "logs/access_log" combined
</IfModule>

虛擬機配置

<VirtualHost *:60081>
    ServerAdmin [email protected]
    ServerName test.test.net
    DocumentRoot /home/w/html/test
    ErrorLog "/home/w/html/test/test.test.net-error_log"
    CustomLog "/home/w/html/test/test.test.net-access_log" combined
</VirtualHost>

訪問頁面返回日志

網關IP:192.168.15.100

客戶訪問IP:192.168.15.101

192.168.15.100 ClinetIp:192.168.15.101 - - [12/Feb/2018:21:39:05 -0500] "GET / HTTP/1.0" 200 17 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6"

Apache日志格式

日志格式

Apache日志配置文件中定義了兩種打印格式,分別為combined格式和common格式。

combined格式:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

common格式:

LogFormat "%h %l %u %t \"%r\" %>s %b" common

聲明使用了combined日志格式和寫入的文件名。

CustomLog "/var/log/apache2/access_log" combined
字段說明

字段格式

含義

%a

remote_ip

%A

local_ip

%B

size

%b

size

%D

time_taken_ms

%h

remote_host

%H

protocol

%l

ident

%m

method

%p

port

%P

pid

“%q”

url_query

“%r”

request

%s

status

%>s

status

%t

time

%T

time_taken

%u

remote_user

%U

url_stem

%v

server_name

%V

canonical_name

%I

bytes_received

%O

bytes_sent

“%{User-Agent}i”

user_agent

“%{Referer}i”

referer

文章出自:CCIE那點事 http://www.qdxgqk.live/ 版權所有。本站文章除注明出處外,皆為作者原創文章,可自由引用,但請注明來源。 禁止全文轉載。
本文鏈接:http://www.qdxgqk.live/?p=3800轉載請注明轉自CCIE那點事
如果喜歡:點此訂閱本站
  • 相關文章
  • 為您推薦
  • 各種觀點
?
暫時還木有人評論,坐等沙發!
發表評論

您必須 [ 登錄 ] 才能發表留言!

?
?
萌宠夺宝游戏