fabio
fabio copied to clipboard
fabiolb
Is it possible to get client address when using tcp+sni?
On backend server when I inspect RemoteAddr I get address of server that fabio is running on. Can fabio log those requests so I can get them there?
Thanks.
Did you check the X-Forwared-For header in your backend ? Proxies set this value to pass the IP of the client of the initial request.
Hi deuch,
Yes, I did check "X-Forwarded-For" header. It is empty. "Forwarded", "X-Real-Ip", "X-Forwarded-Port", "X-Forwarded-Proto", "X-Forwarded-Host" also. Fabio is not setting headers when runing TCP-SNI Proxy. I haven't tried, but headers are probably set when fabio is running TCP Proxy when TLS termination is done on fabio.
TCP listeners including the TCP+SNI listener are passthtough to the backend. If you want fabio to add headers you will need to use an HTTP and/or an HTTPS listener. The HTTPS listener will terminate TLS at fabio and can optionally reoriginate with TLS to the backend if you specify proto=https as a route option.
Hi leprechau, thanks for replying
I understand that headers are not set when running TCP-SNI Proxy, but I was wondering is there some other way to find out client address. It doesn't have to be on backend. Is it possible for fabio to log requests that are passed through? I have set "log.access.target = stdout", but have nothing on stdout. Am I doing something wrong or fabio is not logging requests when running TCP-SNI Proxy?
Sorry, I see what you are asking now. The current answer is no. The TCP and TCP+SNI proxy do not currently have any access logging. I can see this being a nice feature and would offer parity with the HTTP proxy.
It would be great if somebody could test it, please? https://github.com/fabiolb/fabio/pull/598
Hello, any update on this ?
Does PROXY PROTOCOL works with TCP+SNI ?
ref : https://github.com/fabiolb/fabio/issues/177
