IP gets lost during redirection

IP gets lost during redirection

[John Smith]

Hi,

I got a server (first machine) which is reachable via the internet.
Depending on kind of Request (HTTP, FTP...) it redirects internally to a
different machine. This machine (second machine) is running apache2 for
example. Everthing works fine.
Yet the apache logs on the second machine always list the redirecting
machine (first machine) as the requesting adress/ip and not the ip adress
of the requesting client from the internet.

How can I fix this? I'm sorry to be so unspecific about the configuration
of iptables on the redirecting machine, but this is all I know about it.
However I can get more information if it is needed for the solution and
you can exactly say what you need.

Greets, John

Re: IP gets lost during redirection

[Billy Crook]

How is the first machine "redirecting"?

The most simple solution is to configure the 'different machine's to
use the first machine as their default gateway, then use masquerading
on the first machine.  If you can not use the first machine as the
default gateway of the 'different machine's then what you want is not
possible.

On Thu, Aug 14, 2008 at 17:15, John Smith <ml375mail-pof@yahoo.de> wrote:
> Hi,
>
> I got a server (first machine) which is reachable via the internet.
> Depending on kind of Request (HTTP, FTP...) it redirects internally to a
> different machine. This machine (second machine) is running apache2 for
> example. Everthing works fine.
> Yet the apache logs on the second machine always list the redirecting
> machine (first machine) as the requesting adress/ip and not the ip adress
> of the requesting client from the internet.
>
> How can I fix this? I'm sorry to be so unspecific about the configuration
> of iptables on the redirecting machine, but this is all I know about it.
> However I can get more information if it is needed for the solution and
> you can exactly say what you need.
>
> Greets, John
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Re: IP gets lost during redirection

[Grant Taylor]

On 8/14/2008 5:15 PM, John Smith wrote:
> I got a server (first machine) which is reachable via the internet. 
> Depending on kind of Request (HTTP, FTP...) it redirects internally 
> to a different machine. This machine (second machine) is running 
> apache2 for example. Everthing works fine. Yet the apache logs on the 
> second machine always list the redirecting machine (first machine) as 
> the requesting adress/ip and not the ip adress of the requesting 
> client from the internet.

Ok...

What happens if an internal client tries to connect to an ""external 
service?  I.e. the FTP server tries to HTTP to your ""external service? 
  Will the HTTP connection work?  What source IP do you see in Apache's 
logs then?

I'm wondering if the packets are being redirected (as in NATed) or if 
they are being proxied in.  If they are proxied in, you would naturally 
see the internal source IP of the proxying host.

> How can I fix this? I'm sorry to be so unspecific about the 
> configuration of iptables on the redirecting machine, but this is all 
> I know about it. However I can get more information if it is needed 
> for the solution and you can exactly say what you need.

It depends on what is really being done.  Find out if IPTables really is 
being used to do the ""redirecting on the first machine.  If IPTables is 
being used to do the ""redirecting (as opposed to just filtering for a 
proxy) see what the contents of the NAT table is on the first system. 
(The output of iptables-save would be great.)



Grant. . . .