Results 1 to 2 of 2
Hi,
I'm looking to block certain IP's on Linux web servers matching specific criteria. These web servers are behind a load balancer that's configured to operate in reverse proxy mode.
...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 12-05-2011 #1Just Joined!
- Join Date
- Aug 2009
- Location
- Mumbai, India
- Posts
- 75
Capture X-Forwared-For header for iptables
Hi,
I'm looking to block certain IP's on Linux web servers matching specific criteria. These web servers are behind a load balancer that's configured to operate in reverse proxy mode.
A tcpdump of port 80 traffic shows the traffic originating from the load balancer's IP because of which I'm not able to block the actual client IP the traffic originates from. The apache logs show me the client IP's since XFF info is captured. Any method to cause iptables to capture the actual XFF ip through some match string ???
My script picks up the actual client IP's from a DB but since the actual IP's are substituted with the load balancer's IP in packet capture, the iptables rules are ineffective
Assistance appreciated.
--Syd
- 12-15-2011 #2Linux Engineer
- Join Date
- Oct 2005
- Location
- Italy
- Posts
- 773
I'm afraid that if it is a transparent proxy you can win only by using deep packet inspection methods.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
