Update the documentation for the %a and %{c}a logging format strings, and

update the mod-remoteip documentation in line with the new API.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1205075 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/expr.xml b/docs/manual/expr.xml
index 97fd517df1ca326c47a703487a48cadd6607a565..417f7935221b2ee2f1a2243ee12709932ffbc379 100644 (file)
--- a/docs/manual/expr.xml
+++ b/docs/manual/expr.xml
@@ -237,6 +237,9 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"
     <tr><td><code>CONN_LOG_ID</code></td>
         <td>The error log id of the connection (see
             <directive module="core">ErrorLogFormat</directive>)</td></tr>
+    <tr><td><code>CONN_REMOTE_ADDR</code></td>
+        <td>The raw IP address of the remote host (see the
+            <module>mod_remoteip</module> module)</td></tr>
 
     </table>
 

diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml
index 7b3cbf5b1b81d7631876591ceaa117faf3b16c4f..203c1cb0c89d1fdd33a509396a1f8060cd82fc89 100644 (file)
--- a/docs/manual/mod/core.xml
+++ b/docs/manual/mod/core.xml
@@ -1377,6 +1377,10 @@ in case of an error</description>
     <tr><td><code>%a</code></td>
         <td>Remote IP-address and port</td></tr>
 
+    <tr><td><code>%{c}a</code></td>
+        <td>Actual remote IP-address and port (see the
+            <module>mod_remoteip</module> module)</td></tr>
+
     <tr><td><code>%A</code></td>
         <td>Local IP-address and port</td></tr>
 

diff --git a/docs/manual/mod/mod_log_config.xml b/docs/manual/mod/mod_log_config.xml
index 1943d5c2660d41fd4bd0b5bf0d874a5680b22975..907bfda4a2da4ff36079e2128eff3cba4a7d84c0 100644 (file)
--- a/docs/manual/mod/mod_log_config.xml
+++ b/docs/manual/mod/mod_log_config.xml
@@ -73,6 +73,10 @@
     <tr><td><code>%a</code></td>
         <td>Remote IP-address.</td></tr>
 
+    <tr><td><code>%{c}a</code></td>
+        <td>Actual remote IP-address and port (see the
+        <module>mod_remoteip</module> module)</td></tr>
+
     <tr><td><code>%A</code></td>
         <td>Local IP-address.</td></tr>
 

diff --git a/docs/manual/mod/mod_remoteip.xml b/docs/manual/mod/mod_remoteip.xml
index 695f4b2205485ee7ac8552a6c251ec1f6ae75567..547542c748bb34d5668b73cab949031d13ed0633 100644 (file)
--- a/docs/manual/mod/mod_remoteip.xml
+++ b/docs/manual/mod/mod_remoteip.xml
@@ -23,9 +23,9 @@
 <modulesynopsis metafile="mod_remoteip.xml.meta">
 
 <name>mod_remoteip</name>
-<description>Replaces the apparent client remote IP address and hostname
-for the request with the IP address list presented by a proxies or a load
-balancer via the request headers.
+<description>Replaces the apparent client remote IP address for the request
+with the IP address list presented by a proxies or a load balancer via the
+request headers.
 </description>
 
 <status>Base</status>
@@ -38,22 +38,19 @@ balancer via the request headers.
     purposes of authorization and logging, even where that remote host is
     behind a load balancer, front end server, or proxy server.</p>
 
-    <p>The module replaces the apparent remote (client) IP/hostname for
+    <p>The module overrides the apparent remote (client) IP for
     the request with the IP address reported in the request header
     configured with the <directive>RemoteIPHeader</directive> directive.</p>
 
     <p>Once replaced as instructed, this apparent IP address is then used
-    for <module>mod_authz_host</module> features
-    <directive module="mod_authz_host" type="section">Require host</directive>
-    and <directive module="mod_authz_host" type="section">Require ip</directive>,
+    for the <module>mod_authz_host</module>
+    <directive module="mod_authz_host" type="section">Require ip</directive> feature,
     is reported by <module>mod_status</module>, and is recorded by
-    <module>mod_log_config</module> <code>%a</code> and <code>%h</code>
-    directives.  It also determines the machine probed for an inetd
-    identity by <module>mod_ident</module> based on the
-    <directive module="mod_ident">IdentityCheck</directive> configuration.</p>
+    <module>mod_log_config</module> <code>%a</code> and <module>core</module>
+    <code>%a</code> format strings. The original remote IP of the connection is
+    available in the <code>%{c}a</code> format string.</p>
 
     <note type="warning">It is critical to only enable this behavior from
-
     intermediate hosts (proxies, etc) which are trusted by this server, since
     it is trivial for the remote client to impersonate another client.</note>
 </summary>
@@ -61,7 +58,6 @@ balancer via the request headers.
 <seealso><module>mod_authz_host</module></seealso>
 <seealso><module>mod_status</module></seealso>
 <seealso><module>mod_log_config</module></seealso>
-<seealso><module>mod_ident</module></seealso>
 
 <section id="processing"><title>Remote IP Processing</title>
 
@@ -72,13 +68,12 @@ balancer via the request headers.
 
     <p>mod_remoteip replaces the true remote_ip with the advertised remote_ip as
     provided by a proxy, for every evaluation of the client that occurs in the
-    server, and resets the remote_host and remote_logname values to trigger a
-    fresh dns or ident query of the remote IP address.</p>
+    server.</p>
 
     <p>When multiple, comma delimited remote IP addresses are listed in the
     header value, they are processed in Right-to-Left order.  Processing
     halts when a given remote IP address is not trusted to present the
-    preceeding IP address.  The header field is updated to this remaining
+    preceding IP address.  The header field is updated to this remaining
     list of unconfirmed IP addresses, or if all IP addresses were trusted,
     this header is removed from the request altogether.</p>