github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 16:15:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #4109] frpc客户端不能通过X-Forwarded-For获取到 realip #3241

New issue
Closed
opened 2026-05-05 14:05:38 -06:00 by gitea-mirror · 0 comments
gitea-mirror commented 2026-05-05 14:05:38 -06:00
Owner
Copy link

Originally created by @acmookey on GitHub (Mar 27, 2024).
Original GitHub issue: https://github.com/fatedier/frp/issues/4109

Bug Description

  • 网络结构
    外网Nginx <=> frps <=> 内网frpc
  • 问题描述
    保持以上网络结构以及配置不变的情况下,在0.55.1和 目前最新版本0.56.0的frpc客户端中,使用 X-Forwarded-For不能获取到客户端IP。tcp报文见 logs部分

frpc Version

0.55.1

frps Version

0.55.1

System Architecture

linux/arm64

Configurations

  • 外网Nginx
map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}
server {
  listen 443 ssl http2;
  server_name umami.test.com;

  include tls/_.test.conf;

  location / {
    proxy_pass http://127.0.0.1:9999;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_http_version 1.1;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection $connection_upgrade;

    proxy_connect_timeout 3m;
    proxy_send_timeout 3m;
    proxy_read_timeout 3m;

    client_max_body_size 0; # Stream request body to backend

    proxy_buffering off;
    proxy_request_buffering off;
    proxy_redirect off;
  }
}
  • frps.toml
vhostHTTPPort    = 9999
  • frpc.toml
[[proxies]]
name      = "umami"
type      = "http"
localPort = 8092
customDomains = ["umami.test.com"]

Logs

使用tcpdump抓取了frpc客户端所在机器中 8092 端口TCP报文

tcpdump -i lo -n  tcp port 8092 -XXvvvnn -s0

不同版本的frp报文如下:

  • frps: 0.54.0 frpc: 0.54.0
	0x0280:  2d53 6974 653a 2073 616d 652d 7369 7465  -Site:.same-site
	0x0290:  0d0a 582d 466f 7277 6172 6465 642d 466f  ..X-Forwarded-Fo
	0x02a0:  723a 2031 3230 2e32 3330 2e38 302e 3730  r:.120.230.80.70
	0x02b0:  2c20 3132 372e 302e 302e 310d 0a58 2d46  ,.127.0.0.1..X-F
  • frps: 0.55.1 frpc: 0.55.1
	0x0280:  2d53 6974 653a 2073 616d 652d 7369 7465  -Site:.same-site
	0x0290:  0d0a 582d 466f 7277 6172 6465 642d 466f  ..X-Forwarded-Fo
	0x02a0:  723a 2031 3237 2e30 2e30 2e31 0d0a 582d  r:.127.0.0.1..X-
  • frps: 0.56.0 frpc: 0.56.0
	0x0280:  2d53 6974 653a 2073 616d 652d 7369 7465  -Site:.same-site
	0x0290:  0d0a 582d 466f 7277 6172 6465 642d 466f  ..X-Forwarded-Fo
	0x02a0:  723a 2031 3237 2e30 2e30 2e31 0d0a 582d  r:.127.0.0.1..X-

Steps to reproduce

1、将frps以及frpc 从0.54.0版本升级到 0.55.1版本,访问代理服务时通过tcpdump抓取报文发现 X-Forwarded-For相较0.54.0版本缺少了客户端真实ip 120.230.80.70
2、当前最新版本 0.56.0也存在该问题

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @acmookey on GitHub (Mar 27, 2024). Original GitHub issue: https://github.com/fatedier/frp/issues/4109 ### Bug Description - 网络结构 `外网Nginx` <=> `frps` <=> `内网frpc` - 问题描述 保持以上网络结构以及配置不变的情况下,在`0.55.1`和 目前最新版本`0.56.0`的frpc客户端中,使用 `X-Forwarded-For`不能获取到客户端IP。tcp报文见 `logs部分` ### frpc Version 0.55.1 ### frps Version 0.55.1 ### System Architecture linux/arm64 ### Configurations - 外网Nginx ```bash map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 443 ssl http2; server_name umami.test.com; include tls/_.test.conf; location / { proxy_pass http://127.0.0.1:9999; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_connect_timeout 3m; proxy_send_timeout 3m; proxy_read_timeout 3m; client_max_body_size 0; # Stream request body to backend proxy_buffering off; proxy_request_buffering off; proxy_redirect off; } } ``` - frps.toml ```toml vhostHTTPPort = 9999 ``` - frpc.toml ```toml [[proxies]] name = "umami" type = "http" localPort = 8092 customDomains = ["umami.test.com"] ``` ### Logs 使用tcpdump抓取了frpc客户端所在机器中 8092 端口TCP报文 ```bash tcpdump -i lo -n tcp port 8092 -XXvvvnn -s0 ``` 不同版本的frp报文如下: - frps: `0.54.0` frpc: `0.54.0` ```bash 0x0280: 2d53 6974 653a 2073 616d 652d 7369 7465 -Site:.same-site 0x0290: 0d0a 582d 466f 7277 6172 6465 642d 466f ..X-Forwarded-Fo 0x02a0: 723a 2031 3230 2e32 3330 2e38 302e 3730 r:.120.230.80.70 0x02b0: 2c20 3132 372e 302e 302e 310d 0a58 2d46 ,.127.0.0.1..X-F ``` - frps: `0.55.1` frpc: `0.55.1` ```bash 0x0280: 2d53 6974 653a 2073 616d 652d 7369 7465 -Site:.same-site 0x0290: 0d0a 582d 466f 7277 6172 6465 642d 466f ..X-Forwarded-Fo 0x02a0: 723a 2031 3237 2e30 2e30 2e31 0d0a 582d r:.127.0.0.1..X- ``` - frps: `0.56.0` frpc: `0.56.0` ```bash 0x0280: 2d53 6974 653a 2073 616d 652d 7369 7465 -Site:.same-site 0x0290: 0d0a 582d 466f 7277 6172 6465 642d 466f ..X-Forwarded-Fo 0x02a0: 723a 2031 3237 2e30 2e30 2e31 0d0a 582d r:.127.0.0.1..X- ``` ### Steps to reproduce 1、将frps以及frpc 从`0.54.0`版本升级到 `0.55.1`版本,访问代理服务时通过tcpdump抓取报文发现 `X-Forwarded-For`相较`0.54.0`版本缺少了客户端真实ip 120.230.80.70 2、当前最新版本 `0.56.0`也存在该问题 ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror 2026-05-05 14:05:38 -06:00
  • closed this issue
  • added the
    bug
         label
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#3241
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?