Abhiram Singh Kushwah wrote:
> Hi,
>
> I'm running a web server behind a firewall that forwards its incoming requests
> for port 80 to port 80 of the web server. The problem is that all the log
> entries in Apache's access log are logged as requests coming from the
> firewall, and I get the firewall's IP address for all the log entries.
>
> At the firewall I'm running iptables as
>
> iptables -A PREROUTING -t nat -j DNAT -p tcp -d MYPUBLIC_IP --dport 80 --to PRIVATE_IP:80
>
> I'm trying to figure out how to properly log clients' IP addresses in Apache's
> access log.

This should not happen since you are changing the destination IP of the incoming requests and not the source IP. The only situation in which this can happen is when you have some SNAT rule which is changing the source IP of the requests to that of the firewall box.

And most likely, you must be doing SNAT for the requests coming from your own LAN and changing their IP to the IP of the firewall box. So when the hosts in your LAN access the web server through its public IP, all the requests get logged as coming from the firewall box.

Just check your SNAT rules.

--
Manish
http://www.tuxspace.com/

_______________________________________________
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
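
One way to carry out the "check your SNAT rules" step from the reply above, as an added example that is not part of the original thread: the function reads `iptables-save` output and lists every SNAT or MASQUERADE rule in the nat table, marking those with no outbound-interface match. The ruleset, addresses and interface name `eth0` below are constructed placeholders; on a live firewall, pipe the output of `iptables-save` into `find_source_nat_rules` instead.

```shell
#!/bin/sh
# Added example: find rules that rewrite the source address of forwarded traffic.
# Input: `iptables-save` output on stdin.
# Output: one line per SNAT/MASQUERADE rule in the nat table, prefixed with
#   BROAD  - no -o match, so the rule also applies to packets forwarded to the
#            internal web server (Apache then logs the firewall's address)
#   SCOPED - limited to an outbound interface; confirm it is the external one
find_source_nat_rules() {
    awk '
        /^\*/     { in_nat = ($0 == "*nat"); next }   # table header line
        /^COMMIT/ { in_nat = 0; next }                # end of current table
        in_nat && /^-A / && / -j (SNAT|MASQUERADE)( |$)/ {
            scope = "BROAD"
            for (i = 1; i <= NF; i++)
                if ($i == "-o" || $i == "--out-interface") scope = "SCOPED"
            print scope, $0
        }
    '
}

# Constructed sample ruleset (placeholder addresses, not from the original post).
# It contains the DNAT rule from the question plus two source-NAT rules.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.20:80
-A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
-A POSTROUTING -o eth0 -j SNAT --to-source 203.0.113.10
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -d 192.168.1.20/32 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

sample_ruleset | find_source_nat_rules
```

In the sample, the MASQUERADE rule for `192.168.1.0/24` is reported as BROAD: LAN clients reaching the web server through the public address are rewritten to the firewall's address, which matches the symptom described in the thread.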