class forward : Storing backend/frontend informations with mod_sql

Question

class forward : Storing backend/frontend informations with mod_sql

dgranjon opened this issue 4 years ago · 8 comments

Hi,

I 'm looking for a way to get backend/frontend information (like hostname or Ip) and store them in sql database with mod_sql.

I used ProxyRole forward and ProxyForwardMethod proxyuser@host,user , but when in use "SQLLog RETR,STOR" , i havn't variable about final host. (Like %a => Remote Ip address). Also, %f (or %F) is empty when i used mod_proxy and transfer file.

Ddier

Answer 1 · 2020-10-17T18:06:34.000Z

So you'd like to be able to record both the frontend/client IP/hostname, and the backend/server IP/hostname? Can you provide an example of the config you'd like to use, for logging these values to a SQL database, so I can see what you have in mind? Thanks!

Answer 2 · 2020-10-20T09:07:02.000Z

Hi Castaglia,

My config for mod_proxy :

 ProxySourceAddress x.x.x.x
 ProxyEngine on
 ProxyTables /var/lib/proftpd/proxy.tables
 ProxyLog /var/log/proftpd/proxy.log
 ProxyTimeoutLinger 10
 ProxyRole forward
 ProxyForwardMethod proxyuser@host,user

<Class forward-proxy>
  From y.y.y;y/32

  ProxyForwardEnabled on
</Class>

Détails about connexion

ftp proftpd_server 
user proxyuser@host => 
pass xxx
user user
pass xxx

I ve tried to log informations about file transfer for traceability (Filename => %f is empty, Size => Ok, proxyuser@host, user) into sql backend (with mod_sql and SQLLog RETR,STOR transfer).
I have host information in proxylog file. (passive backend data connection opened - remote : host_ip:port)

Thanks

Answer 3 · 2020-10-24T23:01:26.000Z

With this PR, the %F logging variable should now work properly again. Note that %f, for the full path, will probably not work as you expect, since the absolute path of the file being transferred is known on the backend server, but not on the proxy server.

You can also now use the following variables for logging:

%{note:mod_proxy.backend-ip} for the IP address of the backend/proxied server
%{note:mod_proxy.backend-port} for the port of the backend/proxied server
%{note:mod_proxy.backend-url} for a URL to the backend/proxied server

Answer 4 · 2020-10-26T09:59:04.000Z

Hi Castaglia,

I m going to try it this day. thank you very much for your response

Answer 5 · 2020-11-10T23:13:39.000Z

Any success/updates?

Answer 6 · 2020-11-12T08:56:06.000Z

Hi Castaglia,

Yes, I ve tested succesfully. Now i can store backend_ip and backend_port.

thanks very much,
Didier

Answer 7 · 2022-07-28T14:42:56.000Z

@Castaglia I'd like to point out that the mod_proxy.html documentation have a typo about the logging notes. It mentions %{note.mod_proxy.backend-ip}, but it should be %{note:mod_proxy.backend-ip}. Took hours for me to figure out why doesn't it work.

Answer 8 · 2022-07-28T23:59:55.000Z

@gab0rka doh! So sorry about that; thanks for letting me know. The docs should be fixed now.