Configuring varnishd to log client IP addresses
in Apache log
I realized today, that because my varnish serves incoming
connections to my
apache port a really annoying problem appears.
I mean in my httpd-access.log everytime I get some visit from the
Net, the
incoming IP address logged in the Apache log is originating from
127.0.0.0
e.g. (localhost). That's a real pain in the ass, cause it prevents
me from
adequately tracking visitors countries and their networks.
Therefore to fix that and configure varnish to always log my
original visitors
IPs to the apache log I had to follow instructions described
in.
How can I log the client IP address on the
backend? in
the Varnish Cache FAQ
Here I will include step by step explanation how I practically
implemented
the solution as explained in the FAQ on my FreeBSD.
First I had edit:
/usr/local/etc/varnish/default.vcl
The following is currently my default.vlc file content:
backend default {
.host = "127.0.0.1";
.port = "8080";
}
sub vcl_recv {
# Add a unique header containing the client address
remove req.http.X-Forwarded-For;
set req.http.X-Forwarded-For = client.ip;
# [...]
}
Next I had to add:
varnishd_config="/usr/local/etc/varnish/default.vcl"
to my
/etc/rc.conf
And then modify my:
/usr/local/etc/apache2/httpd.conf
and include:
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined
as well as:
CustomLog /var/log/httpd-access.log varnishcombined
to all my VirtualHosts.
Finally it's required to restart both
varnishd and
apache
pcfreak# /usr/local/etc/rc.d/varnishd restart
pcfreak# /usr/local/etc/rc.d/apache2 restart
That's all folks!