Hello,
linux: Linux asus-gonzo 2.6.15-26-686 #1 SMP PREEMPT Thu Aug 3 03:13:28 UTC 2006 i686 GNU/Linux stunnel: stunnel 4.14 on i486-pc-linux-gnu PTHREAD+POLL+IPv6+LIBWRAP with OpenSSL 0.9.8a 11 Oct 2005 apache: Apache/2.0.55
I am using stunnel in Ubuntu to provide https serving to an http-only Apache installation. The stunnel config is:
cert = /home/gonzo/src/bg/run/SSL/server.crt key = /home/gonzo/src/bg/run/SSL/server.crt chroot = /var/run/stunnel4/ setuid = stunnel4 setgid = stunnel4 pid = /stunnel4.pid socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 debug = 7 output = /var/log/stunnel4/stunnel.log client = no
[https] accept = 443 connect = 80 TIMEOUTclose = 0
Everything works perfectly, except for one minor detail: on the server, my PHP scripts do not have access to the real IP address of the client, and they always see this value as 127.0.0.1. I am aware the manual says that, if you use -l or -L, there will be an additional REMOTE_HOST environment variable with the desired IP address, but I am not sure how to make this work from a setup like mine, where the http server process is already running.
Any help or hints are greatly appreciated. Best regards,
Hi,
On Son 03.09.2006 14:30, Gonzalo Diethelm wrote:
stunnel: stunnel 4.14 on i486-pc-linux-gnu PTHREAD+POLL+IPv6+LIBWRAP with OpenSSL 0.9.8a 11 Oct 2005 apache: Apache/2.0.55
[snipp]
Everything works perfectly, except for one minor detail: on the server, my PHP scripts do not have access to the real IP address of the client, and they always see this value as 127.0.0.1. I am aware the manual says that, if you use -l or -L, there will be an additional REMOTE_HOST environment variable with the desired IP address, but I am not sure how to make this work from a setup like mine, where the http server process is already running.
Any help or hints are greatly appreciated. Best regards,
Sponsor Michal http://stunnel.mirt.net/todo_sdf.html
or try
http://haproxy.1wt.eu/#down => X-Forwarded-For support for Stunnel
Regards
Alex
-
Alexander Lazic -
Gonzalo Diethelm