Forum OpenACS Development: Re: ad_conn peeraddr

9: Re: ad_conn peeraddr (response to 8)
Posted by Gustaf Neumann on
quite simple:
  1. define in your config.tcl file (startup file for the aolserver) something like
    ns_section "ns/parameters"
            ns_param   home            $homedir
            ns_param   debug           false
            ns_param   ReverseProxyMode   true
  2. insert the snippet above into your packages/acs-tcl/tcl/request-processor-procs.tcl (just search for the place, where the peer_addr is set).
  3. make sure, your proxy inserts the x-forwarded-for header field.
When you restart the server, "ad_conn peer_addr" is set to the last x-forwarded-for addr in the header, usually the client. Some proxies have to option to drop incoming x-forwarded-for field, so spoofing this field can be avoided in general.

hope, this helps.