In deep past was change Z2 logger in python
source code directly.
Today I use pound logs with grep.
----- Původní zpráva -----
Odesláno: 19. února 2012 19:10
Předmět: Re: [Pound Mailing List] user
The weird thing I dont see
X-Forwarded-For HTTP-Header anywhere in Z2.log , i see something like
On Sun, Feb 19, 2012 at 7:26 PM, Heiko Schlittermann
<email@example.com> (So 19 Feb
2012 14:22:21 CET):
As Pound acts an a proxy on
the application protocol layer, Zope will
> We're using Pound as front for Zope and in
Z2.log it shows the main IP of
> Pound that forwards
> I wish to use the Domains feature under acl_users
in zope to restrict
> access for managers (the /manage) So how can i
change/tweak it where Zope
> can see the real user IP for using it in
Domains option for managers?
see connections originating
from the Pound proxy only.
But - Pound sets the X-Forwarded-For
GET /test/index.html HTTP/1.0
User-Agent: Wget/1.12 (linux-gnu)
DHE-RSA-AES256-SHA SSLv3 Kx=DH
Au=RSA Enc=AES(256) Mac=SHA1
But - you should read about X-Forwarded-For and
possibilities of its
abuse and about its contents in face of proxy
I do not know anything about Zope, but probably you can have
the X-Forwarded-For headers and apply its ACLs on the base of
111.222.333.444 - bashar [19/Feb/2012:20:24:19 +0300] "GET
/html/admin HTTP/1.1" 200 5636 "" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64;
rv:10.0.1) Gecko/20100101 Firefox/10.0.1"
I remember X-Forwarded
requests in Nginx sits at the end of the log entries but not the case in this
log, would it be I'm using a very old pound and didn't have this feature?
pound -V shows 2.1.3