1. Create the file AdjustRemoteAddrAccordingToHeader.pm
with the following ,
package Apache::AdjustRemoteAddrAccordingToHeader;
sub handler
{
my $r = shift;
my $configuredValue = $r->dir_config ("UseIPFromHeader");
if ($configuredValue)
{
my $ip = $r->header_in($configuredValue);
if ($ip)
{
$r->connection->remote_ip($ip);
}
}
else
{
print STDERR "AdjustRemoteAddrAccordingToHeader: PerlSetVar UseIPFromHeader is not set, so I did not do anything\n";
}
# Adjust for Oracle HTTP Server and REMOTE_ADDR
# Remove this line if not necessary
$r->header_in("ClientIP", $r->connection->remote_ip());
return OK;
}
return 1;
2. Open the httpd.conf file and add the following lines to the end ,
PerlRequire /home/ias/AdjustRemoteAddrAccordingToHeader.pm
PerlPostReadRequestHandler Apache::AdjustRemoteAddrAccordingToHeader
PerlSetVar UseIPFromHeader X-Forwarded-For
3. Run the command to validate whether this works or not ,
apachectl configtest
4. Use some tool , like say ProtocolExplorer.jar and add the following ,
GET /j2ee/examples/jsp/snp/snoop.jsp HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*
Accept-Language: en-us,et;q=0.9,cs;q=0.7,de;q=0.6,fi;q=0.4,ja;q=0.3,fr;q=0.1
Accept-Encoding: gzip, deflate
Host: incq128ad.idc.oracle.com:7779
x-forwarded-for: 123.111.22.15
Connection: Keep-Alive
Check the following output ,
Remote address: 123.111.22.15
Remote host: 123.111.22.15
The same addredd will appear in the Apache access log's also as we are replacing the
remotehost with the header for the X-Forwarded-For header.
No comments:
Post a Comment