反向代理模式下未转发客户端IP的鱿鱼

Question

我正在使用Squid 3.1.10（最新版本为CentOS 6.4）作为托管虚拟域的网络服务器的反向代理。无论我尝试什么，我都无法让Squid将客户端IP传递给网络服务器。我已经尝试设置forwarded_for和XFF头以不同的值，但我一直看到的是Squid的ip在Apache的访问日志中...即使我设置forwarded_for“删除”。

有人会介意查看我的配置，请问？

http_port 80 accel vhost 

visible_hostname xxx.xxx.xxx 

forwarded_for on 

shutdown_lifetime 5 seconds 

acl manager proto cache_object 
acl localhost src 127.0.0.1/32 ::1 

acl localnet src xxx.xxx.xxx.0/24 # RFC1918 possible internal network 
acl localnet src fc00::/7   # RFC 4193 local private network range 
acl localnet src fe80::/10   # RFC 4291 link-local (directly plugged) machines 


http_access allow localhost manager 
http_access deny manager 

acl Safe_ports port 80 443 
http_access deny !Safe_ports 

acl SSL_ports port 443 
acl CONNECT method CONNECT 
http_access deny CONNECT !SSL_ports 

acl Safe_proto proto HTTP SSL 
http_access deny !Safe_proto 


################# BEGIN MAIN SERVER ######################## 

cache_peer xxx.xxx.xxx.xxx parent 80 0 no-query originserver name=mainwebserver 
acl mainwebserver_cached_sites dstdomain .site1.com .site2.com 

http_access allow mainwebserver_cached_sites 

cache_peer_access mainwebserver allow mainwebserver_cached_sites 
cache_peer_access mainwebserver deny all 


################### END MAIN SERVER ######################## 


hierarchy_stoplist cgi-bin ? 

#cache_dir ufs /var/spool/squid 100 16 256 

coredump_dir /var/spool/squid 


# Add any of your own refresh_pattern entries above these. 
refresh_pattern ^ftp:  1440 20% 10080 
refresh_pattern ^gopher: 1440 0% 1440 
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 
refresh_pattern .  0 20% 4320 

http_access deny all 

Answer 1

该IP被转发，它是Apache上没有使用它的日志记录目的。简单地为apache安装mod_rpaf有诀窍。