I had a similar issue, especially since we have nodes split behind F5 and
Netscaler, which both operate differently with respect to header preservation,
modification.
Our solution was to write our own HeaderParser.pm module and register it as the
handler of that apache phase, and attempt to derive the "real" client IP
(parsing CLIENT_IP || X-Forwarded-For, etc.) and set that in a new header
called "X-Derived-Client-IP", which the load balancers ignore. Also, we have a
GUID cookie we use to identify unique clients, and we parse the cookies at that
phase as set a "X-Derived-Client-ID" header. Then, at the normal LogHandler
apache phase, we use the %{Header}i in our LogFormat configuration to get it in
the access logs. We are running on the Apache 1.3* stack.
Hope this helps,
- Jeff
----- Original Message ----
From: Carl Johnstone <[EMAIL PROTECTED]>
To: [email protected]
Sent: Thursday, August 2, 2007 8:07:53 AM
Subject: reverse proxy/logging problem
Hi,
I've got a two-apache reverse proxy setup, split over two hosts.
The problem I've got is that I'd like to put the user_id in the access logs
so that our log analysis software can make use of it.
Setting apache->user correctly logs the user at the back-end however the IP
addresses are wrong, being the internal address of the front-end proxy. Also
requests dealt with purely at the front-end aren't logged.
Logging at the front-end means all requests are logged with the right IP
address. Additional bonuses for me are that those servers are less loaded,
and I'd be able to turn off logging at the back-end. However the user_id
isn't available.
Is there any easy way to pass the user_id from the back-end in such a way
the front-end could log it? Or is there another option?
Carl
