HAProxy forwardfor

varazir · Jun 30, 2024, 7:18 PM

Hi,

I'm trying to setup Add an X-Forwarded-For header.

It's for the Domoticz_ipvANY backend but I want it for more later.

When I check my logs in Domoticz I only see pfSense IP connecting.

TIA

viragomann · Jun 30, 2024, 7:18 PM

@varazir
"Add an X-Forwarded-For header" does, what its name implies. It adds a http header in traffic sent to the backen, which contains the real client source IP.

To get benefit of this, you have to configure your backend server to read and log the content of the X-Forwarded-For header. It might not do this out of the box.

varazir · Jun 30, 2024, 8:33 PM

@viragomann redid the HAproxy rules and now it's working.

varazir · Jul 7, 2024, 3:58 PM

@viragomann Hmm, looks like it's not working.

I did a tcpdump on the backend server and the X-Forwarded-For are not set as far as I can see in wireshark.

viragomann · Jul 7, 2024, 3:58 PM

@varazir
You can see the http headers in the capture?

varazir · Jul 7, 2024, 5:21 PM

@viragomann said in HAProxy forwardfor:

@varazir
You can see the http headers in the capture?

yes, strange is that it's only for Authelia I don't get the header set. I think I'm going to remove it.
Using wireguard to connect to my home network.