zoukankan html css js c++ java

nginx*、让代理节点记录客户端真实IP

环境：根据http://www.cnblogs.com/zzzhfo/p/6032095.html环境配置

在web01或web02上查看用户访问日志

先客户端访问

[root@web_backup /]# for n in {1..20} ;do curl www.test.com;sleep 1 ;done
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>

查看日志

[root@web01 /]# tail -f /etc/httpd/logs/www.test.com.access_log 
192.168.119.128 - - [29/Sep/2016:22:14:33 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:35 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:37 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:39 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:14:41 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:51 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:53 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:55 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:15:57 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:00 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:02 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:04 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:06 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:08 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:16:10 +0800] "GET / HTTP/1.0" 200 22

web端记录的都是nginx的IP

修改nignx负载均衡器的/usr/local/nginx/conf/nginx.conf；在location / 添加 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

upstream web_pools {
    server 192.168.119.130:80 weight=5;
    server 192.168.119.133:80 weight=5;
    server 192.168.119.131:80 weight=5   backup;
}

    server {
        listen       80;
        server_name  www.test.com;
        location / {
            root   html;
            index  index.html index.htm;
            proxy_pass http://web_pools;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        }
    }

重启nginx服务

[root@lb01 /]# nginx -s stop
[root@lb01 /]# nginx
[root@lb01 /]# netstat -anpt | grep nginx
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      2113/nginx

在web01和web02上修改 /etc/httpd/conf/httpd.conf

[root@web01 /]# vim /etc/httpd/conf/httpd.conf 
LogFormat ""%{x-forwarded-for}i" %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined

<VirtualHost *:80>
    DocumentRoot "/var/www/www"
    ServerName www.test.com
    ErrorLog "logs/www.test.com.error_log"
    CustomLog "logs/www.test.com.access_log" combined
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/var/www/bbs"
    ServerName bbs.test.com
    ErrorLog "logs/bbs.test.com.error_log"
    CustomLog "logs/bbs.test.com.access_log" combined
</VirtualHost>
[root@web01 /]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

[root@web02 /]# vim /etc/httpd/conf/httpd.conf
LogFormat ""%{x-forwarded-for}i" %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined

<VirtualHost *:80>
    DocumentRoot "/var/www/www"
    ServerName www.test.com
    ErrorLog "logs/www.test.com.error_log"
    CustomLog "logs/www.test.com.access_log" combined
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/var/www/bbs"
    ServerName bbs.test.com
    ErrorLog "logs/bbs.test.com.error_log"
    CustomLog "logs/bbs.test.com.access_log" combined
</VirtualHost>

测试：客户端访问

[root@web_backup /]# for n in {1..10} ;do curl www.test.com;sleep 1 ;done
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>
<h1>www.test.com<h1/>

到web节点查看日志

[root@web02 /]# tail -f /etc/httpd/logs/www.test.com.access_log 
192.168.119.128 - - [29/Sep/2016:22:36:56 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:36:58 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:01 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:03 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:05 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:41 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:43 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:45 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:47 +0800] "GET / HTTP/1.0" 200 22
192.168.119.128 - - [29/Sep/2016:22:37:49 +0800] "GET / HTTP/1.0" 200 22
"192.168.119.131" - - [29/Sep/2016:22:41:23 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:25 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:27 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:29 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:41:31 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.b/1.2.3 libidn/1.18 libssh2/1.4.2"

[root@web01 /]# tail -f /etc/httpd/logs/www.test.com.access_log 
"192.168.119.131" - - [29/Sep/2016:22:33:16 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:18 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:20 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:22 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:24 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:26 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:28 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:30 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:32 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
"192.168.119.131" - - [29/Sep/2016:22:33:34 +0800] "GET / HTTP/1.0" 200 22 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"

这是apahce的日志信息

如果web节点为nginx服务、则不需要修改、默认已经支持、只需在代理上添加：proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;即可

[root@lb02 /]# vim /usr/local/nginx/conf/nginx.conf
http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

查看全文

相关阅读:
【Qt】Qt软件打包发布
 最大公约数最小公倍数
 random实现验证码
 sort 和sorted的区别
 Python-内置数据结构之元组（tuple）
BZOJ 1112 线段树
 POJ 1682 DP
POJ 1671 第二类斯特林数
 BZOJ 1592 DP
POJ 1636 DFS+DP

原文地址：https://www.cnblogs.com/hwlong/p/6036220.html