From: Graham Leggett <minfrin@apache.org>
Date: Tue, 22 Nov 2011 16:50:00 +0000 (+0000)
Subject: Update the documentation for the %a and %{c}a logging format strings, and
X-Git-Tag: 2.5.0-alpha~7829
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e6810567ce9096996c2aeef561fd35d90d2d35dc;p=apache

Update the documentation for the %a and %{c}a logging format strings, and
update the mod-remoteip documentation in line with the new API.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1205075 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/expr.xml b/docs/manual/expr.xml
index 97fd517df1..417f793522 100644
--- a/docs/manual/expr.xml
+++ b/docs/manual/expr.xml
@@ -237,6 +237,9 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"
     <tr><td><code>CONN_LOG_ID</code></td>
         <td>The error log id of the connection (see
             <directive module="core">ErrorLogFormat</directive>)</td></tr>
+    <tr><td><code>CONN_REMOTE_ADDR</code></td>
+        <td>The raw IP address of the remote host (see the
+            <module>mod_remoteip</module> module)</td></tr>
 
     </table>
 
diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml
index 7b3cbf5b1b..203c1cb0c8 100644
--- a/docs/manual/mod/core.xml
+++ b/docs/manual/mod/core.xml
@@ -1377,6 +1377,10 @@ in case of an error</description>
     <tr><td><code>%a</code></td>
         <td>Remote IP-address and port</td></tr>
 
+    <tr><td><code>%{c}a</code></td>
+        <td>Actual remote IP-address and port (see the
+            <module>mod_remoteip</module> module)</td></tr>
+
     <tr><td><code>%A</code></td>
         <td>Local IP-address and port</td></tr>
 
diff --git a/docs/manual/mod/mod_log_config.xml b/docs/manual/mod/mod_log_config.xml
index 1943d5c266..907bfda4a2 100644
--- a/docs/manual/mod/mod_log_config.xml
+++ b/docs/manual/mod/mod_log_config.xml
@@ -73,6 +73,10 @@
     <tr><td><code>%a</code></td>
         <td>Remote IP-address.</td></tr>
 
+    <tr><td><code>%{c}a</code></td>
+        <td>Actual remote IP-address and port (see the
+        <module>mod_remoteip</module> module)</td></tr>
+
     <tr><td><code>%A</code></td>
         <td>Local IP-address.</td></tr>
 
diff --git a/docs/manual/mod/mod_remoteip.xml b/docs/manual/mod/mod_remoteip.xml
index 695f4b2205..547542c748 100644
--- a/docs/manual/mod/mod_remoteip.xml
+++ b/docs/manual/mod/mod_remoteip.xml
@@ -23,9 +23,9 @@
 <modulesynopsis metafile="mod_remoteip.xml.meta">
 
 <name>mod_remoteip</name>
-<description>Replaces the apparent client remote IP address and hostname
-for the request with the IP address list presented by a proxies or a load
-balancer via the request headers.
+<description>Replaces the apparent client remote IP address for the request
+with the IP address list presented by a proxies or a load balancer via the
+request headers.
 </description>
 
 <status>Base</status>
@@ -38,22 +38,19 @@ balancer via the request headers.
     purposes of authorization and logging, even where that remote host is
     behind a load balancer, front end server, or proxy server.</p>
 
-    <p>The module replaces the apparent remote (client) IP/hostname for
+    <p>The module overrides the apparent remote (client) IP for
     the request with the IP address reported in the request header
     configured with the <directive>RemoteIPHeader</directive> directive.</p>
 
     <p>Once replaced as instructed, this apparent IP address is then used
-    for <module>mod_authz_host</module> features
-    <directive module="mod_authz_host" type="section">Require host</directive>
-    and <directive module="mod_authz_host" type="section">Require ip</directive>,
+    for the <module>mod_authz_host</module>
+    <directive module="mod_authz_host" type="section">Require ip</directive> feature,
     is reported by <module>mod_status</module>, and is recorded by
-    <module>mod_log_config</module> <code>%a</code> and <code>%h</code>
-    directives.  It also determines the machine probed for an inetd
-    identity by <module>mod_ident</module> based on the
-    <directive module="mod_ident">IdentityCheck</directive> configuration.</p>
+    <module>mod_log_config</module> <code>%a</code> and <module>core</module>
+    <code>%a</code> format strings. The original remote IP of the connection is
+    available in the <code>%{c}a</code> format string.</p>
 
     <note type="warning">It is critical to only enable this behavior from
-
     intermediate hosts (proxies, etc) which are trusted by this server, since
     it is trivial for the remote client to impersonate another client.</note>
 </summary>
@@ -61,7 +58,6 @@ balancer via the request headers.
 <seealso><module>mod_authz_host</module></seealso>
 <seealso><module>mod_status</module></seealso>
 <seealso><module>mod_log_config</module></seealso>
-<seealso><module>mod_ident</module></seealso>
 
 <section id="processing"><title>Remote IP Processing</title>
 
@@ -72,13 +68,12 @@ balancer via the request headers.
 
     <p>mod_remoteip replaces the true remote_ip with the advertised remote_ip as
     provided by a proxy, for every evaluation of the client that occurs in the
-    server, and resets the remote_host and remote_logname values to trigger a
-    fresh dns or ident query of the remote IP address.</p>
+    server.</p>
 
     <p>When multiple, comma delimited remote IP addresses are listed in the
     header value, they are processed in Right-to-Left order.  Processing
     halts when a given remote IP address is not trusted to present the
-    preceeding IP address.  The header field is updated to this remaining
+    preceding IP address.  The header field is updated to this remaining
     list of unconfirmed IP addresses, or if all IP addresses were trusted,
     this header is removed from the request altogether.</p>