Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nginx http分流VLESS(gRPC), 如何传递客户端IP给VLESS? #766

Closed
laughtale233 opened this issue Oct 13, 2021 · 4 comments · Fixed by #769
Closed

nginx http分流VLESS(gRPC), 如何传递客户端IP给VLESS? #766

laughtale233 opened this issue Oct 13, 2021 · 4 comments · Fixed by #769

Comments

@laughtale233
Copy link

nginx 配置:

http {
    server {    
        listen 443 ssl http2;    
        server_name domain.com;
        ...
        ssl
        ...
        location /serverName/Tun {
            grpc_pass 127.0.0.1:9000; 
            grpc_set_header X-Real-IP $remote_addr;
        }
    }
}

grpc可以通过设置header传递客户端IP,
Xray好像不能读取客户端IP.
@laughtale233
Copy link
Author

另外如果使用nginx的stream模块转发grpc流量给Xray, 不能开启proxy_protocol, 否则线路不通.
grpcSettings是否需要加上AcceptProxyProtocol?

@badO1a5A90
Copy link
Member

badO1a5A90 commented Oct 14, 2021
edited

另外如果使用nginx的stream模块转发grpc流量给Xray, 不能开启proxy_protocol, 否则线路不通. grpcSettings是否需要加上AcceptProxyProtocol?

stream 分流的话, 在正常可用的配置中
nginx 的 配置文件的 stream 打开发送 proxy protocol, 即添加 proxy_protocol on;
xray 开启接收, 在服务端 xray 的 streamSettings 配置中增加

        "sockopt": {
          "acceptProxyProtocol": true
        }

(tcp ws 有自己的配置, 也可以通过此处配置)

@laughtale233
Copy link
Author

一直在看全局的tcpSettings和grpcSettings, 忽略了streamSettings. 谢谢解答.

lucifer9 added a commit to lucifer9/Xray-core that referenced this issue Oct 14, 2021
@lucifer9
gRPC: Parse X-Real-IP header, fix XTLS#766
67d7c81
@lucifer9 lucifer9 mentioned this issue Oct 14, 2021
Merged
badO1a5A90 pushed a commit that referenced this issue Oct 14, 2021
@lucifer9
gRPC: Parse X-Real-IP header, fix #766 (#769)
5e60616
@badO1a5A90
Copy link
Member

@laughtale233
#769 已经解决了grpc 使用 http 分流时也读取真实IP的问题
注: 与 stream 分流不同, 这里不需要开启acceptProxyProtocol

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

gRPC: Parse X-Real-IP header lucifer9/Xray-core
2 participants
@badO1a5A90 @laughtale233