[ZBX-23092] Zabbix 6.4.4 - X-Forwarded-For unsupported Created: 2023 Jul 12 Updated: 2024 Feb 16 |
|
| Status: | Open |
| Project: | ZABBIX BUGS AND ISSUES |
| Component/s: | Frontend (F) |
| Affects Version/s: | 6.4.4 |
| Fix Version/s: | None |
| Type: | Incident report | Priority: | Trivial |
| Reporter: | AndreaConsadori | Assignee: | Maksym Buz |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Debian 12 |
||
| Description |
|
i've a Kemp reverse proxy behind Zabbix, i enable x-forwarded-for filed and in Apache where i've zabbix Frontend i can see logs 172.16.200.xx - - [12/Jul/2023:17:36:23 +0200] "GET /zabbix.php?action=dashboard.view&dashboardid=322 HTTP/1.1" 200 875 "10.254.253.xxx""-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" if i go under "Reports/Audit log" under my user activity i see always reverse proxy ip 172.16.200.xx and not real ip 10.254.253.xx
|
| Comments |
| Comment by AndreaConsadori [ 2023 Oct 09 ] |
|
hello, mabye the behaviour change after this bug?
|
| Comment by Thiago Murilo Diniz [ 2023 Dec 18 ] |
|
It seems like that was it. In the Nginx reverse proxy configuration (just below the proxy_pass parameter): proxy_set_header X-Real-IP $remote_addr; In the Nginx configuration of the Zabbix frontend: As I use the official Docker image, I added these two lines in my Dockerfile (replace <your_ip_addr> with the network/IP address of your reverse proxy): sed -i '/include \/etc/i \ \ \ \ set_real_ip_from <your_ip_addr>;' /etc/nginx/nginx.conf \ && sed -i '/include \/etc/i \ \ \ \ real_ip_header X-Real-IP;' /etc/nginx/nginx.conf |
| Comment by Faustin [ 2024 Feb 03 ] |
|
Found, there was some missing stuffs in the local apache configuration (use the remoteip module and add the header there too). |