Investigate multi site support #36
Comments
|
I tried to use an Apache + SNARE set-up for this, but this results as the Apache proxy IP as originating IP for the attacks. If SNARE itself does not support multiple domains, it might be a good idea to support the X-Forwarded-For header field? See https://stackoverflow.com/questions/760283/apache-proxypass-how-to-preserve-original-ip-address Glad to hear it if there is a solution to preserve the original IP that is currently working. |
|
No, you are right, x-forwarded-for is the way to go |
|
I made an ugly quick-fix that works for me. Maybe it is of use for others until this is implemented in Snare in a more clean way than this :-) TannerHandler() in tanner_handler.py: # TEMP FIX FOR FORWARDING
header = {key: value for (key, value) in request.headers.items()}
if 'X-Forwarded-For' in header:
peer = dict(
ip=header['X-Forwarded-For'],
port=request.transport.get_extra_info('peername')[1]
)
## END OF TEMP FIX
data['peer'] = peer |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Does it make sense to support multiple domains or should we recommend nginx + multiple SNARE instance?
The text was updated successfully, but these errors were encountered: