-
-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate multi site support #36
Comments
I tried to use an Apache + SNARE set-up for this, but this results as the Apache proxy IP as originating IP for the attacks. If SNARE itself does not support multiple domains, it might be a good idea to support the X-Forwarded-For header field? See https://stackoverflow.com/questions/760283/apache-proxypass-how-to-preserve-original-ip-address Glad to hear it if there is a solution to preserve the original IP that is currently working. |
No, you are right, x-forwarded-for is the way to go |
I made an ugly quick-fix that works for me. Maybe it is of use for others until this is implemented in Snare in a more clean way than this :-) TannerHandler() in tanner_handler.py: # TEMP FIX FOR FORWARDING
header = {key: value for (key, value) in request.headers.items()}
if 'X-Forwarded-For' in header:
peer = dict(
ip=header['X-Forwarded-For'],
port=request.transport.get_extra_info('peername')[1]
)
## END OF TEMP FIX
data['peer'] = peer |
Does it make sense to support multiple domains or should we recommend nginx + multiple SNARE instance?
The text was updated successfully, but these errors were encountered: