X-Forward-for isn't appearing


#1

Good Day,

I am running:
CentOS release 6.6 (Final)
HA-Proxy version 1.5.2 2014/07/12
Copyright 2000-2014 Willy Tarreau w@1wt.eu

I have the following frontend-backend block in my haproxy.cfg:
frontend labweb-secure
mode http
option httplog
option forwardfor
capture request header host len 30
capture request header X-Forwarded-For len 50
bind 165.123.50.49:443 ssl crt /etc/haproxy/ssl/labweb-secure.pem
bind 2607:f470:4:1::b:443 ssl crt /etc/haproxy/ssl/labweb-secure.pem

backend pennhosted-secure
server lab-web3 lab-web3.net.isc.upenn.edu:80 check

But the log, and the backend, are not reflecting the x-forwarded-for, only the host header.

Feb 14 08:46:51 localhost haproxy[4698]: 128.91.196.194:58840 [14/Feb/2017:08:46:51.413] labweb-secure~ pennhosted-secure/lab-web3 12/0/0/1/13 404 486 - - ---- 0/0/0/0/0 0/0 {labweb-secure.net.isc.upenn.ed|} “GET /favicon.ico HTTP/1.1”

Is there an additional configuration requirement to get x-forwarded-for to insert?
Thanks,

Peter


#2

I’m guessing, but I’d imagine that capture request header processing takes place before any HAProxy configured headers are inserted.

Also, it’s not clear from your configuration that the backend is in http mode, is it?