Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Real ip in the logs #316

Open
ErtyDess opened this issue Oct 16, 2023 · 1 comment
Open

Real ip in the logs #316

ErtyDess opened this issue Oct 16, 2023 · 1 comment

Comments

@ErtyDess
Copy link

I use cloudflare to access some actix api, in the logs of the api i get only the cloudflare ip, i would like to see the ip of the one that made the request. thank you

use log4rs::{
  append::{console::{ConsoleAppender, Target}, file::FileAppender},
  config::{Appender, Config, Root},
  encode::pattern::PatternEncoder,
};

pub fn start_logs(log_path: &str) -> Config {
  // Create a file appender that writes to "output.log" with formatted date and log message
  let file_appender = FileAppender::builder()
      .encoder(Box::new(PatternEncoder::new(
          "{d(%Y-%m-%d %H:%M:%S)} {l} - {m}{n}",
      )))
      .build(log_path)
      .unwrap();

  // Create a console appender with colored output, formatted date, and log message
  let console_encoder = PatternEncoder::new("{h({d(%Y-%m-%d %H:%M:%S)} - {l}: {m}{n})}");
  let colored_console = ConsoleAppender::builder()
      .encoder(Box::new(console_encoder))
      .target(Target::Stdout)
      .build();

  // Configure the root logger to use the file and console appenders
  let config = Config::builder()
      .appender(Appender::builder().build("file", Box::new(file_appender)))
      .appender(Appender::builder().build("console", Box::new(colored_console)))
      .build(
          Root::builder()
              .appender("file")
              .appender("console")
              .build(log::LevelFilter::Info),
      )
      .unwrap();

  config
}
@timothyhutz
Copy link

timothyhutz commented Mar 8, 2024
edited
Loading

Just want to clarify what you mean the one that made the request? Is this people going though the cloud flare CDN and the origin is that API?

Here's a breakdown of the X-Forwarded-For header and how it relates to retrieving client IPs when using Cloudflare:

What is the X-Forwarded-For Header?

Purpose: This standard HTTP header (often abbreviated as XFF) was designed to provide a chain of IP addresses identifying the original client that initiated a request when it passes through proxies or load balancers.
Format:
X-Forwarded-For: client_ip, proxy1_ip, proxy2_ip, ...
The Rightmost IP: This is usually the original client's IP address.
Why Cloudflare Changes Things

Cloudflare is a reverse proxy, sitting between your origin server and clients:

Client Request: A client makes a request to your website/application.
Cloudflare: Cloudflare receives the request and forwards it to your origin server.
XFF Modification: Cloudflare adds its own connecting IP to the X-Forwarded-For header to maintain visibility in the chain.
Retrieving the Client IP on Your Server

Due to Cloudflare, you can't directly rely on the rightmost IP in the XFF header. Here's what you need:

CF-Connecting-IP Header: Cloudflare provides a special header called CF-Connecting-IP. This header will contain the true client IP.
Trusting Cloudflare: Since requests to your server come from Cloudflare, you'll need to configure your application/server to trust and read the CF-Connecting-IP header
Checking Both (Optional): For extra validation, you might compare the IP in CF-Connecting-IP to the rightmost IP in the X-Forwarded-For header.

Not sure if this actually an issue with the code? If there is more to go on please comment here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@timothyhutz @ErtyDess