Hola a Todes!

I'm proxing the sbbs web server via nginx (as front), I set the
x-real-ip and x-forwarder-from heder to preserve the original client address.

location ^~ /web {
try_files $uri @app;
}

location @app {
rewrite /web(.*) /$1 break;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8088;
proxy_redirect off;
}
the logs, show 127.0.0.1 as remote address in several points,
Can be posibble that Sync honor these headers or any workaround to obtain the real ip?

127.0.0.1 - - [10/Oct/2020:22:08:24 -0300] "GET //?page=001-forum.ssjs&sub=doven...
127.0.0.1 - - [10/Oct/2020:22:09:08 -0300] "GET //?page=001-forum.ssjs&su...

file1.ext was HTTP-downloaded by Guest [127.0.0.1]

file2.ext was HTTP-downloaded by Guest [127.0.0.1]

file3.ext was HTTP-downloaded by Guest [127.0.0.1]


thanks!!!!
Saludos!

--
Ragnarok

Dock Sud BBS
https://bbs.docksud.com.ar
tw: @docksud
fb: DockSudBBS

---
þ Synchronet þ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar

Re: proxy nginx x-real-ip
By: Ragnarok to All on Sat Oct 10 2020 11:32 pm

Hola a Todes!

I'm proxing the sbbs web server via nginx (as front), I set the
x-real-ip and x-forwarder-from heder to preserve the original client address.

location ^~ /web {
try_files $uri @app;
}

location @app {
rewrite /web(.*) /$1 break;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8088;
proxy_redirect off;
}
the logs, show 127.0.0.1 as remote address in several points,
Can be posibble that Sync honor these headers or any workaround to obtain the real ip?

Likely. Take a look-see at src/sbbs3/websrvr.c and have at it! :-)

digital man

This Is Spinal Tap quote #28:
We've got Armadillos in our trousers. It's really quite frightening.
Norco, CA WX: 64.9øF, 82.0% humidity, 7 mph NE wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

El 11/10/20 a las 00:54, Digital Man escribi¢:

Re: proxy nginx x-real-ip
By: Ragnarok to All on Sat Oct 10 2020 11:32 pm

> Hola a Todes!
>
> I'm proxing the sbbs web server via nginx (as front), I set the
> x-real-ip and x-forwarder-from heder to preserve the original client
> address.
>
> location ^~ /web {
> try_files $uri @app;
> }
>
> location @app {
> rewrite /web(.*) /$1 break;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $remote_addr;
> proxy_set_header Host $host;
> proxy_pass http://127.0.0.1:8088;
> proxy_redirect off;
> }
> the logs, show 127.0.0.1 as remote address in several points,
> Can be posibble that Sync honor these headers or any workaround to obtain
> the real ip?

Likely. Take a look-see at src/sbbs3/websrvr.c and have at it! :-)

digital man

I need return to this topic,


my log still show that connection from proxy as 127.0.0.1

Dec 25 20:27:08 scarlet synchronet: web 0086 HTTP Logon (user #2)
Dec 25 20:27:08 scarlet synchronet: web 0090 HTTP connection accepted
from: 127.0.0.1 port 57490


Then, i cannot get my fail2ban working optimal for block the source ip
address because, it's get 127.0.0.1 instead of the real:


synchronet: web 0031 HTTP Throttling suspicious connection from:
127.0.0.1 (5 login attempts)
Dec 25 06:27:17 scarlet synchronet: web 0087 HTTP connection accepted
from: 127.0.0.1 port 49286

Could someone else who uses nginx in front of sbbs confirm what address appears in the log?

thanks!

---
þ Synchronet þ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar