We are currently working on a redundant server setup (2 servers + 1 load balancer) using Tomcat 7 update 76. To fulfill the logging requirements of our company, we are trying to get the IP of the remote server that actually sends the request, not the IP of the load balancer. Unfortunately, we were not able to get it to work with the following documentation:
- https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html
- https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/AccessLogValve.html
- https://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Remote_IP_Valve
We used the following configuration for access logging and remote valve:
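```xml
<!-- Replaces the request's remote address with the client IP taken from X-Forwarded-For -->
<Valve className="org.apache.catalina.valves.RemoteIpValve" internalProxies="xxx\.xxx\.xxx\.7|xxx\.xxx\.xxx\.8|xxx\.xxx\.xxx\.9" remoteIpHeader="X-Forwarded-For" />
<!-- Access log; inner quotes must be escaped as &quot; inside the XML attribute -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
       prefix="access_log." suffix=".log"
       pattern="%{org.apache.catalina.AccessLog.RemoteAddr}r %l %u %t &quot;%r&quot; %s %b"
       requestAttributesEnabled="true" />
```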
The request header 'X-Forwarded-For' was set and the load balancer was analyzed via Wireshark. However, we still only get the IP of the load balancer and not the IP of the remote client. The IP addresses of the config have already been checked and they are correct.
Changing the pattern of the AccessLogValve was the solution for me, like so:
Source: https://stackoverflow.com/a/36357291/1830268
Full pattern attribute options are here: https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Log_Valve/Attributes
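
Added example, not part of the question or the answer above and not Tomcat's own code: a Python model of how the RemoteIpValve documentation describes resolving the client address from `X-Forwarded-For`, useful for checking which address a given `internalProxies` regex would yield before trusting it in logs. The function names and all addresses are assumptions constructed for illustration (documentation address ranges); Python's `fullmatch` stands in for Java's whole-string regex match.

```python
import re

def split_header(values):
    # Repeated header lines are joined, then split on commas.
    return [h.strip() for v in values for h in v.split(",") if h.strip()]

def resolve_remote_ip(peer_addr, xff_values, internal_proxies, trusted_proxies=None):
    """Return (remote_addr, leftover_header_hops, proxy_chain)."""
    internal = re.compile(internal_proxies)
    trusted = re.compile(trusted_proxies) if trusted_proxies else None
    hops = split_header(xff_values)
    # The header is honoured only when the TCP peer itself matches
    # internalProxies; otherwise the peer address is kept as-is.
    if not internal.fullmatch(peer_addr):
        return peer_addr, hops, []
    remote_ip, chain = None, []
    idx = len(hops) - 1
    # Walk right to left: the rightmost entries were appended by our own
    # proxies, the leftmost ones are whatever the client chose to send.
    while idx >= 0:
        remote_ip = hops[idx]
        idx -= 1
        if internal.fullmatch(remote_ip):
            continue                      # internal hop: skip it
        if trusted and trusted.fullmatch(remote_ip):
            chain.insert(0, remote_ip)    # trusted hop: remember, keep walking
            continue
        break                             # first untrusted entry is the client
    return (remote_ip or peer_addr), hops[:idx + 1], chain

if __name__ == "__main__":
    # Constructed sample values (documentation address ranges).
    proxies = r"192\.0\.2\.7|192\.0\.2\.8|192\.0\.2\.9"
    cases = [
        ("192.0.2.7", ["203.0.113.50"]),                 # normal request
        ("192.0.2.7", ["198.51.100.99, 203.0.113.50"]),  # client-sent entry on the left
        ("192.0.2.10", ["203.0.113.50"]),                # peer not in internalProxies
    ]
    for peer, header in cases:
        print(peer, header, "->", resolve_remote_ip(peer, header, proxies))
```

In the third case the model returns the connecting address unchanged, which is the load balancer's address whenever the regex does not match the address the load balancer actually connects from.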