实现反向代理客户端IP透传

实验环境：

1.修改nginx代理配置文件
[root@proxy:/apps/nginx/conf.d]#
vim pc.conf 
server {
    listen 80;
    proxy_cache off;
    #proxy_cache proxycache;
    #proxy_cache_key $request_uri;
    proxy_cache_key $host$uri$is_args$args;
    proxy_cache_valid 200 302 301 10m;
    proxy_cache_valid any 5m;
    add_header class M44;
    add_header X-Via $server_addr;
    add_header X-Cache $upstream_cache_status;
    add_header X-Accel $server_name;
    proxy_hide_header ETag;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #添加客户端IP和反向代理服务器IP到请求报文头部                             

   #listen 443 ssl;
   #ssl_certificate /apps/nginx/conf.d/ssl/www.magedu.org.crt;
   #ssl_certificate_key /apps/nginx/conf.d/ssl/www.magedu.org.key;
   #ssl_session_cache shared:sslcache:20m;
   #ssl_session_timeout 10m;
    server_name www.magedu.org;
    root /data/nginx/html/pc/;
    location / {
        root /data/nginx/html/pc/;
    }
    location /api {
        proxy_pass http://10.0.0.8:8080/;
    }
    location ~* \.(jpe?g|png|bmp|gif)$ { #实现反向代理
        proxy_pass http://10.0.0.28;
    }
}
[root@proxy:/apps/nginx/conf.d]#
nginx -s reload 

2.后端服务器日志中添加查看头部的规则。添加\"%{X-Real-IP}i\"
[root@web2:~]#
vim /etc/httpd/conf/httpd.conf 
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{X-forwarded-for}i\" " combined
[root@web2:~]#
systemctl restart httpd


3.客户端进行测试
[root@ubuntu18 ~]#curl www.magedu.org/16m.jpg -I
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Jul 2022 01:50:18 GMT
Content-Type: image/jpeg
Content-Length: 16422438
Connection: keep-alive
Last-Modified: Sat, 02 Jul 2022 07:16:41 GMT
Accept-Ranges: bytes
class: M44
X-Via: 10.0.0.58
X-Accel: www.magedu.org

4.web服务器产看日志
[root@web2:~]#
tail -f /var/log/httpd/access_log 

10.0.0.58 - - [03/Jul/2022:09:54:23 +0800] "HEAD /16m.jpg HTTP/1.0" 200 - "-" "curl/7.58.0" "10.0.0.100" 
#实现ip地址透传。