
kuldeep7985
Dec 25, 2024
Status: New

Request to forward client IP in X-Forwarded-For header

I don't really think the WAF side has passed in the real IP in the X-Forwarded-For HTTP header!

For example: if I manually add a fake X-Forwarded-For header, our nginx is able to receive it.

The picture shows a flow:

10.237.37.114 (just passes through X-Forwarded-For, if any; didn't append the upstream IP) -> 10.237.37.110 (appends 10.237.37.114 to X-Forwarded-For) -> 10.244.9.73 (our nginx)

This picture means our OCI LB and nginx are fine: they respect the passed-in X-Forwarded-For, so if the WAF passes it, then we'll get it.


For the first 10.237.37.114, some questions:

  1. What's this IP?
  2. What's the upstream of this IP?

Please find attached.
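The flow in the post can be replayed to see what nginx receives when the first hop appends its peer address to X-Forwarded-For and when it only passes the header through. This is an added example, not code from the post or from F5; it assumes both upstream hops are proxies nginx trusts, and the client addresses and the `hop`, `resolve_client` and `simulate` helpers are constructed for illustration.

```python
import ipaddress

# Assumption: both upstream hops named in the post are proxies nginx trusts.
TRUSTED = {ipaddress.ip_address("10.237.37.114"),
           ipaddress.ip_address("10.237.37.110")}

def hop(xff, peer_ip, append):
    """Header value a proxy sends upstream, given what it received from peer_ip."""
    if not append:
        return xff                      # pass-through, as observed for 10.237.37.114
    return f"{xff}, {peer_ip}" if xff else peer_ip

def resolve_client(xff, peer_ip):
    """Walk from the socket peer leftwards; the first untrusted address is the client."""
    chain = [p.strip() for p in (xff or "").split(",") if p.strip()] + [peer_ip]
    for entry in reversed(chain):
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            return None                 # malformed entry: nothing further left is reliable
        if addr not in TRUSTED:
            return str(addr)
    return None                         # only trusted hops recorded: client IP never added

def simulate(client_ip, spoofed_xff, first_hop_appends):
    """Replay the post's path: client -> 10.237.37.114 -> 10.237.37.110 -> nginx."""
    xff = hop(spoofed_xff, client_ip, first_hop_appends)   # at 10.237.37.114
    xff = hop(xff, "10.237.37.114", True)                  # at 10.237.37.110
    return xff, resolve_client(xff, "10.237.37.110")       # at nginx (10.244.9.73)

if __name__ == "__main__":
    real, fake = "198.51.100.23", "203.0.113.7"   # constructed documentation addresses
    for spoof in (None, fake):
        for appends in (False, True):
            print(f"spoof={spoof} first_hop_appends={appends} ->",
                  simulate(real, spoof, appends))
```

With pass-through at the first hop, a client-supplied value is the only untrusted entry in the chain, so the resolver cannot tell it from a genuine client address; once the first hop appends its peer, the spoofed entry sits to the left of the real one and is ignored.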
