User logging (WAS: Is it possible to log original IP addresses?)

User logging (WAS: Is it possible to log original IP addresses?)

Post by Michael Boyarsk » Thu, 20 Apr 2000 04:00:00

OK, thanks to everyone who pointed me to X-Forwarded-For header,
which contains the address of client behind the proxy. It really works,
but it looks like in case of proxy forwarding request to another proxy
I'm getting the address of that previous proxy:
i.e. client->proxyA->proxyB->server and I log proxyA in X-Forwarded-For

Log format:
CustomLog xxxxx  "%h %l %u %t \"%r\" %s %b \"%{Referer}i\"
\"%{User-Agent}i\" %{X-Forwarded-For}i"

Sample log line: - - [19/Apr/2000:12:53:36 +0400] "GET
/Exclusive/exclusive_K8.html HTTP/1.0" 200 2783 "-" "Mozilla/4.0
(compatible; MSIE 5.0; Windows NT)" unknown,


#telnet 3128
Connected to
Escape character is '^]'.

HTTP/1.0 400 Bad Request
Server: Squid/2.2.STABLE5-hno.20000202
So proxyA =, proxyB=,
client= ???

So now my questions are:
1. Are my conclusions correct?
2. Are there any better methods for tracking server users, including
behind proxies? May be cookies will help and if yes, are there any tools
3. Can anybody explain why I am getting  'unknown,' in this log line
"Mozilla/4.0 (compatible; MSIE 5.0; Windows NT)" unknown,
Other log lines look as they should be:
"Mozilla/4.7 [en] (Win98; I)"
Again, custom format here is
\"%{User-Agent}i\" %{X-Forwarded-For}i

Many thanks in advance



1. Is it possible to log original IP addresses ?

Is it possible to log original IP addresses of client computers
which use proxy servers to connect to my web server? Currently I get
proxy IP address in my logs, but I remember that I read somewhere
that it is possible to know the original requester's address...

Thanks in advance


2. nfds fails with Pre2.03

3. Possible NOT to log IP addresses?

4. Linux DvipsK still in Alpha stage, please use old Dvips!

5. Why am I not 'Logged in' ?

6. Oracle on Sun Solaris 8

7. How do see what ip address users are logged into ???

8. Middle Aged Fat Asses

9. router log - I am under attack ??

10. How Can I know when I am logged on in a person logon on

11. Why am I not logged in wtmp?

12. Where am I logging in FROM??? help!

13. How can I tell whether I am logging in on console inside .login?