Abhiram Singh Kushwah wrote:
> I'm not using any SNAT rules at my firewall.
>
> Thanks and Regards,
> Abhiram
>
>
>>>I'm running a web server behind a firewall that forwards its incoming
>>>requests for port 80 to its port 80 of the web server. The problem is
>>>that all the log entries in the Apache's access log are logged as
>>>requests coming from the firewall, and I get firewall's IP address for
>>>all the log entries.
>>>
>>>At the firewall I'm running iptables as
>>>
>>>iptables -A PREROUTING -t nat -j DNAT -p tcp -d MYPUBLIC_IP --dport 80 --to PRIVATE_IP:80
>>>
>>>I'm trying to figure out how to properly log clients' IP addresses in
>>>Apache's access log.
>>
>>This should not happen since you are changing the destination IP of the
>>incoming requests and not the source IP. The only situation in which
>>this can happen is when you have some SNAT rule which is changing the
>>source IP of the requests to that of the firewall box. And most likely,
>>you must be doing SNAT for the requests coming from your own LAN and
>>changing their IP to the IP of the firewall box. So when the hosts in
>>your LAN access the webserver through its public IP, all the requests
>>get logged as coming from the firewall box. Just check your SNAT rules.
>
Do you have a proxy server running on the firewall box?

--
Manish

_______________________________________________
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
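One way to carry out the "check your SNAT rules" step from the thread above, as an added example that is not part of the original messages: it reads `iptables-save -t nat` output and reports each POSTROUTING rule that can rewrite the source address of traffic forwarded to the web server, along with which clients it affects. The function name `source_rewrites`, the sample ruleset and all addresses are assumptions made for illustration.

```python
import ipaddress
import shlex

# Constructed sample in `iptables-save -t nat` format; all addresses are placeholders.
SAMPLE = """\
*nat
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.20:80
-A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
-A POSTROUTING -o eth0 -p udp -m udp --dport 53 -j SNAT --to-source 203.0.113.10
-A POSTROUTING -d 192.168.1.20/32 -p tcp -m tcp --dport 80 -j SNAT --to-source 192.168.1.1
COMMIT
"""

def source_rewrites(ruleset, server_ip, port=80):
    """List (rule, scope) for POSTROUTING SNAT/MASQUERADE rules that can match
    TCP traffic forwarded to server_ip:port. Interface matches (-o) are not
    evaluated, so a reported rule still has to be checked against the topology."""
    server = ipaddress.ip_address(server_ip)
    hits = []
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", "POSTROUTING"]:
            continue
        # Map each option to the token that follows it, e.g. {"-s": "192.168.1.0/24"}.
        opts = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        if opts.get("-j") not in ("SNAT", "MASQUERADE"):
            continue
        if "!" in tok:  # negated matches are not interpreted here
            hits.append((line, "negated match, review by hand"))
            continue
        if opts.get("-p", "tcp") not in ("tcp", "all"):
            continue
        lo, _, hi = opts.get("--dport", str(port)).partition(":")
        if not int(lo) <= port <= int(hi or lo):
            continue
        dst = opts.get("-d")
        if dst and server not in ipaddress.ip_network(dst, strict=False):
            continue
        src = opts.get("-s")
        hits.append((line, f"clients in {src}" if src else "all clients"))
    return hits

if __name__ == "__main__":
    for rule, scope in source_rewrites(SAMPLE, "192.168.1.20"):
        print(f"{scope}: {rule}")
```

A rule reported with a LAN source range matches the situation the earlier reply describes, where only hosts inside the LAN are logged with the firewall's address; a rule reported for "all clients" would produce that result for every request.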