• Re: proxy nginx x-real-ip (return)

    From Ragnarok@1:103/705 to Digital Man on Sat Dec 25 20:39:26 2021
    El 11/10/20 a las 00:54, Digital Man escribió:
    Re: proxy nginx x-real-ip
    By: Ragnarok to All on Sat Oct 10 2020 11:32 pm

    > Hola a Todes!
    >
    > I'm proxing the sbbs web server via nginx (as front), I set the
    > x-real-ip and x-forwarder-from heder to preserve the original client
    > address.
    >
    > location ^~ /web {
    > try_files $uri @app;
    > }
    >
    > location @app {
    > rewrite /web(.*) /$1 break;
    > proxy_set_header X-Real-IP $remote_addr;
    > proxy_set_header X-Forwarded-For $remote_addr;
    > proxy_set_header Host $host;
    > proxy_pass http://127.0.0.1:8088;
    > proxy_redirect off;
    > }
    > the logs, show 127.0.0.1 as remote address in several points,
    > Can be posibble that Sync honor these headers or any workaround to obtain
    > the real ip?

    Likely. Take a look-see at src/sbbs3/websrvr.c and have at it! :-)

    digital man

    I need return to this topic,


    my log still show that connection from proxy as 127.0.0.1

    Dec 25 20:27:08 scarlet synchronet: web 0086 HTTP Logon (user #2)
    Dec 25 20:27:08 scarlet synchronet: web 0090 HTTP connection accepted
    from: 127.0.0.1 port 57490


    Then, i cannot get my fail2ban working optimal for block the source ip
    address because, it's get 127.0.0.1 instead of the real:


    synchronet: web 0031 HTTP Throttling suspicious connection from:
    127.0.0.1 (5 login attempts)
    Dec 25 06:27:17 scarlet synchronet: web 0087 HTTP connection accepted
    from: 127.0.0.1 port 49286

    Could someone else who uses nginx in front of sbbs confirm what address appears in the log?

    thanks!

    ---
    ■ Synchronet ■ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)