实验环境:
1.修改nginx代理配置文件 [root@proxy:/apps/nginx/conf.d]# vim pc.conf server {
listen 80; proxy_cache off; #proxy_cache proxycache; #proxy_cache_key $request_uri; proxy_cache_key $host$uri$is_args$args; proxy_cache_valid 200 302 301 10m; proxy_cache_valid any 5m; add_header class M44; add_header X-Via $server_addr; add_header X-Cache $upstream_cache_status; add_header X-Accel $server_name; proxy_hide_header ETag; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #添加客户端IP反向代理服务器IP请求报文头部 #listen 443 ssl; #ssl_certificate /apps/nginx/conf.d/ssl/www.magedu.org.crt; #ssl_certificate_key /apps/nginx/conf.d/ssl/www.magedu.org.key; #ssl_session_cache shared:sslcache:20m; #ssl_session_timeout 10m; server_name www.magedu.org; root /data/nginx/html/pc/; location / {
root /data/nginx/html/pc/; } location /api {
proxy_pass http://10.0.0.8:8080/; } location ~* \.(jpe?g|png|bmp|gif)$ {
#实现反向代理 proxy_pass http://10.0.0.28; } } [root@proxy:/apps/nginx/conf.d]# nginx -s reload 2.在后端服务器日志中添加检查头部的规则。\"%{
X-Real-IP}i\" [root@web2:~]# vim /etc/httpd/conf/httpd.conf LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{X-forwarded-for}i\" " combined [root@web2:~]#
systemctl restart httpd
3.客户端进行测试
[root@ubuntu18 ~]#curl www.magedu.org/16m.jpg -I
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Jul 2022 01:50:18 GMT
Content-Type: image/jpeg
Content-Length: 16422438
Connection: keep-alive
Last-Modified: Sat, 02 Jul 2022 07:16:41 GMT
Accept-Ranges: bytes
class: M44
X-Via: 10.0.0.58
X-Accel: www.magedu.org
4.web服务器产看日志
[root@web2:~]#
tail -f /var/log/httpd/access_log
10.0.0.58 - - [03/Jul/2022:09:54:23 +0800] "HEAD /16m.jpg HTTP/1.0" 200 - "-" "curl/7.58.0" "10.0.0.100"
#实现ip地址透传。