nginx无法获取X-Forwarded-For过来的IP

环境:

1
2
CentOS release 6.9 (Final)
nginx 1.6.1

现象:nginx access.log只有记录到一个IP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
192.168.1.86 - - [29/Oct/2019:03:44:43 +0800] "GET /web/ HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:46:03 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:46:03 +0800] "GET /web/login.html HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:47:15 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:47:15 +0800] "GET /web/ HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:48:20 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:48:20 +0800] "GET /web/review-reward/evgroup/reward-evgroup-save HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:49:26 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:49:26 +0800] "GET /web/review-reward/evgroup/reward-evgroup-save HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:50:49 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:50:49 +0800] "GET /web/ HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:52:11 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:52:11 +0800] "GET /web/ HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:53:13 +0800] "GET /web HTTP/1.0" 302 0 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"
192.168.1.86 - - [29/Oct/2019:03:53:13 +0800] "GET /web/ HTTP/1.0" 200 15356 "-" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; Trident/5.0)"

导致这个情况的有二种:

  • 第一种:192.168.1.86可能是台 当前网络环境中的前端机器
  • 第二种:X-Forwarded-For的值没有正确配置出来

对于第二种,解决方法如下:
1、nginx重新编译,configure参数加上选项:–with-http_realip_module
查看当前nginx编译参数:

1
2
3
4
5
6
[root@rui home]# /usr/local/nginx/sbin/nginx -V                                                                                                                                      
nginx version: nginx/1.6.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-openssl=/root/openssl-1.0.2l/ --with-http_ssl_module --add-module=/root/nginx-sticky-module-1.1
[root@rui home]#

2、进入nginx安装包目录,重新编译,添加–with-http_realip_module参数:

1
./configure --prefix=/usr/local/nginx --with-openssl=/root/openssl-1.0.2l/ --with-http_ssl_module --add-module=/root/nginx-sticky-module-1.1 --with-http_realip_module

3、编译安装:

1
make && make install

4、在conf配置中添加:

1
2
3
4
5
6
7
8
9
10
11
12
 server
{
...
set_real_ip_from 192.168.1.0/24; #允许可此网段过来的访问可以修改real_ip;
real_ip_header X-Forwarded-For; #将$x-forward-for的值替换掉real_ip
...
#日志格式如下
log_format '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
...
}

5、重载nginx后,再次查看日志:

1
2
3
4
5
6
7
8
42.10.6.109 - - [12/Nov/2019:14:15:29 +0800] "GET /web/ HTTP/1.0" 301 278 "http://wangzhirui.com/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36"
51.178.18.228 - - [12/Nov/2019:14:15:44 +0800] "GET /web/j_spring_security_logout HTTP/1.0" 301 278 "http://wangzhirui.com/web/prpapprove/list-for-view?flag=init" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
51.178.18.228 - - [12/Nov/2019:14:15:44 +0800] "GET /weihu.html HTTP/1.0" 200 1894 "http://wangzhirui.com/egrantweb/prpapprove/list-for-view?flag=init" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
51.178.18.228 - - [12/Nov/2019:14:15:51 +0800] "GET / HTTP/1.0" 200 514 "http://wangzhirui.com/Program/" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
51.178.18.228 - - [12/Nov/2019:14:15:51 +0800] "GET /web/ HTTP/1.0" 301 278 "-" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
51.178.18.228 - - [12/Nov/2019:14:15:51 +0800] "GET /weihu.html HTTP/1.0" 200 1894 "-" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
51.178.81.210 - - [12/Nov/2019:14:15:54 +0800] "POST /web/review-reward/evgroup/reward-evgroup-save HTTP/1.0" 200 0 "http://wangzhirui.com/web/review-reward/evgroup/reward-group-manage?flag=init&atvtype=1" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
51.178.81.210 - - [12/Nov/2019:14:15:54 +0800] "POST /web/review-reward/evgroup/reward-group-manage?atvtype=1 HTTP/1.0" 200 9394 "http://wangzhirui.com/web/review-reward/evgroup/reward-group-manage?flag=init&atvtype=1" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
# nginx
Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×