rejetto forum
Software => HFS ~ HTTP File Server => Topic started by: Novox on November 01, 2008, 04:48:31 PM
-
Hello rejetto,
I have some suggestions about one function that I would like you to implement it in HFS. The function is to show the IP address from the forwarded IP. For example, If the client connect to the HFS through proxy. HFS will read the IP address of that proxy not the real IP for the client. Then the connection limit is not work well for this. Here I have attached a picture for clearly understand.
In my server, I have used ReverseProxy to make HFS running on port 80 as same as Apache, so that HFS will read the proxy IP(Apache IP) not the client IP. When right click at the connection list and choose view HTTP Request, it will show the dialog with details just like the picture below.
Thanks!
(http://img231.imageshack.us/img231/9344/111jf9.th.jpg) (http://img231.imageshack.us/my.php?image=111jf9.jpg)(http://img231.imageshack.us/images/thpix.gif) (http://g.imageshack.us/thpix.php)
-
it was introduced in build #199.
+ show header(http_x_forwarded_for) instead of IP, but only if IP in a customizable ip-mask (127.0.0.1 by default) www.rejetto.com/forum/?topic=5811
at the moment there's no graphical way to edit this mask, you must edit the ini file and search for the line starting with
forwarded-mask=
You may even put * as mask, that will enable the feature for every address.
This is not so by default because the content of that header may be tampered and be not the real ip but anything. It's up to you to trust what the proxy says.
-
Hello rejetto,
Thanks for your reply. I have workaround this problem by using mod_bw in Apache to limit the download connection. It works like a charm!!
EDIT:: Apache Module not work well. T_T
-
Hi rejetto,
Would you please explain how to use "http_x_forwarded_for"? I have look at my hfs.ini and find forwarded-mask. For my forwarded-mask, the value is 127.0.0.1 so I keep it default. Then I start the server on 127.0.0.1 but for the incoming IP address it always show as the HFS IP (127.0.0.1). It doesn't show the IP on X-Forward-For field in the first reply's attached picture. How can I fix this problem. Testing on build #212
Thanks in advance!
ADDITIONAL INFO: I have change forwarded-mask into * but the problem is still. X-Forward-Host and X-Forward-Server isn't 127.0.0.1 so this may make the problem still?
MORE:: I have tried to make X-Forward-Server into 127.0.0.1 but can't solve.
-
What's the proxy you are using?
-
Hi rejetto,
Thank you very much for your reply!!
I have used ProxyPass from Apache Web Server. Just like the first thread that asked you to implement this function (www.rejetto.com/forum/?topic=5811). For more info about my system, I have installed HFS on port 88 and Apache on port 80 then I have used ProxyPass to pass HFS port to 80 as same as Apache. Any idea?
Thanks again!
-
ok,
1. make a request to hfs through the proxy
2. in the bottom of hfs main window, you'll see the idle connection still alive. right click -> view http request
3. CTRL + C
4. come here to reply to this topic
5. CTLR + V
-
Hi rejetto,
I can't copy any text information, so I give you a screenshot instead.
(http://img241.imageshack.us/img241/5798/keepaliveof5.th.jpg) (http://img241.imageshack.us/my.php?image=keepaliveof5.jpg)(http://img241.imageshack.us/images/thpix.gif) (http://g.imageshack.us/thpix.php)
-
if you use CTRL + C, you see nothing, but it's copying.
it's a Windows feature (for standard dialogs only), if you follow my instructions, it works. ;)
anyway, it was only for your convenience, because to me the screenshot is good enough!
I found the bug, and it will be fixed in next build (215).
Thank you for reporting!
-
WOW!! Thank you very much! Can't wait for the next build!!
You're so cool rejetto!!! and many thanks for the new tips about to copy the text in the dialog box ;D
-
it was introduced in build #199.
+ show header(http_x_forwarded_for) instead of IP, but only if IP in a customizable ip-mask (127.0.0.1 by default) www.rejetto.com/forum/?topic=5811
at the moment there's no graphical way to edit this mask, you must edit the ini file and search for the line starting with
forwarded-mask=
You may even put * as mask, that will enable the feature for every address.
This is not so by default because the content of that header may be tampered and be not the real ip but anything. It's up to you to trust what the proxy says.
When you said you may even put * as mask did you perhaps mean
"forwarded-mask=::1;127.0.0.1" >> "forwarded-mask=*" ?