[pve-devel] [PATCH http-server 1/1] fix #5699: pveproxy: add library methods for real IP support
Thomas Lamprecht
t.lamprecht at proxmox.com
Mon Nov 25 12:17:41 CET 2024
Am 25.11.24 um 10:05 schrieb Fabian Grünbichler:
> yeah, we could switch to the new format *only* if the header option is set?
> as else, the two IPs are identical anyway, so logging the same one twice
> while breaking the format provides no benefit?
>
> and then maybe with 9.0 switch the format unconditionally, so that
> parsers/fail2ban configs only need to handle one of them going forward..
Sounds fine to me. Albeit for some this still might break, if they already
use a reverse proxy now – but these people at least could not have any
(working) fail2ban, as they just would have banned the IP of their reverse
proxy, so it should be fine I think.
btw., and sorry if I just missed this on reading, how do others log this?
I.e., is there any somewhat common format and does this patch already
adheres to that format?
More information about the pve-devel
mailing list