-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Filippo,
On 5/26/2011 8:22 AM, Filippo Machi wrote: > The service I was talking about is a php script we put in the crontab and it > accesses directly to the tomcat asking the url (127.0.0.1:8080/...) Okay: when you use 127.0.0.1, you should always be using the loopback address. That's good. If you were using a non-localhost hostname (like myserver.mydomain.it) then your "remote address" would likely appear to be the external IP address of the server because, well, that's just how TCP/IP works. > I'm omitting the final part of the ip just for privacy. There are > just a little set of ips that seem to be involved in the scenario I > described and they don't change. Okay. Since they don't change, what is the relationship between the IP address you are observing and the network setup you have? Is 85.18.x.x the external IP address of the server? I wonder if your server is re-writing URLs in an HTTP response that are fully-qualified. So, instead of the URL being relative like "/foo/bar" it's being sent as "http://myserver.mydomain.it/foo/bar" and so your client is therefore appearing to come from the server's external IP address. Simple question: do you "trust" 85.18.x.x? If so, why not just add it to the list of trusted IP addresses in your filter? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3eXgQACgkQ9CaO5/Lv0PCB/wCdGsDiCNV8rQz9u2JJixEmKEWd rwgAn0uXaBOuCwkZ6YiMLTaRk2+FzUm3 =dqU7 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org