[GH-ISSUE #4978] Server site of frps LOG cannot record real IPs for fail2ban jail analysis

Originally created by @Jir8taiwan on GitHub (Sep 15, 2025). Original GitHub issue: https://github.com/fatedier/frp/issues/4978 ### Bug Description My application might be special case, but I want to record real IPs to ensure sercurity. My internal net pc can only use port 80 to go outside. My external server in google cloud is using Nginx with HTTPS protocol and rewriting to internal pc for my python app service (HTTP protocol). My project function is working properly, but it has question as following. I can read log in frps, but it is always showing off the IP which is my external server in google cloud. I cannot read log in frps with real IPs who are doing insuitable acts. Although Nginx access.log can read the IPs which are trying not existed folder, frps log cannot record the error acts with those real IPs from their forwarded links. Is any missing configure way or alternative solution can be adviced? Thanks. ### frpc Version 0.63.0 (private network of Win10 pro) ### frps Version 0.64.0 (Google cloud VM of ubuntu linux) ### System Architecture Server: linux/amd64 and Client: windows/amd64 ### Configurations SERVER side: bindAddr = "0.0.0.0" bindPort = 80 subdomainHost = "duckdns.org" vhostHTTPPort = 80 vhostHTTPSPort = 80 log.to = "/opt/frp/frps.log" log.level = "debug" log.maxDays = 3 log.disablePrintColor = false detailedErrorsToClient = true transport.maxPoolCount = 15 transport.tcpMux = true transport.tcpMuxKeepaliveInterval = 30 transport.tcpKeepalive = 7200 transport.tls.force = true custom404Page = "/opt/frp/404.html" SERVER side of Nginx setting: server { listen 443 ssl; http2 on; (... # managed by Certbot ...) ##PROXY-START / location /serverwebhookcallback { rewrite ^/serverwebhookcallback(.*)$ /clientcallback $1 break; proxy_pass http://127.0.0.1:80 ; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; add_header X-Cache $upstream_cache_status; set $static_filemi146aOz 0; if ( $uri ~* "\.(gif|png|jpg|css|js)$" ) { set $static_filemi146aOz 1; expires 12h; } if ( $static_filemi146aOz = 0 ) { add_header Cache-Control no-cache; } } ##PROXY-END / location / { return 302 https://www.google.com; } } CLIENT side: user = "clientsidepc" serverAddr = "frpserver.duckdns.org" serverPort = 80 log.to = "./frpc.log" log.level = "info" log.maxDays = 3 log.disablePrintColor = false transport.tls.enable = true transport.tls.disableCustomTLSFirstByte = false [[proxies]] name = "appproxy" type = "http" localIp = "127.0.0.1" localPort = 8080 subdomain = "frpclient" #transport.proxyProtocolVersion = "v2" ##<-- I cannot use because it will fail my project app connection. ### Logs Server: $ sudo tail /opt/frp/frps.log 2025-09-15 14:55:45.340 [D] [server/control.go:272] [f64ca6ce981dc3b4] get work connection from pool 2025-09-15 14:55:45.340 [D] [proxy/proxy.go:131] [f64ca6ce981dc3b4] [clientsidepc.appproxy] get a new work connection: [123.123.123.123:14053] 2025-09-15 14:55:45.483 [D] [server/control.go:243] [f64ca6ce981dc3b4] new work connection registered 2025-09-15 15:03:01.254 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123:80] error: no route found: 35.212.123.123 / 2025-09-15 15:06:40.877 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123] error: no route found: 35.212.123.123 /ReportServer 2025-09-15 15:35:25.984 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123:80] error: no route found: 35.212.123.123 / 2025-09-15 15:41:36.042 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123] error: no route found: 35.212.123.123 / 2025-09-15 15:44:09.979 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123] error: no route found: 35.212.123.123 / ### Steps to reproduce 1. 2. 3. ... ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others

gitea-mirror commented

2026-05-05 14:30:04 -06:00

Owner

Originally created by @Jir8taiwan on GitHub (Sep 15, 2025).
Original GitHub issue: https://github.com/fatedier/frp/issues/4978

Bug Description

My application might be special case, but I want to record real IPs to ensure sercurity.
My internal net pc can only use port 80 to go outside.
My external server in google cloud is using Nginx with HTTPS protocol and rewriting to internal pc for my python app service (HTTP protocol).
My project function is working properly, but it has question as following.
I can read log in frps, but it is always showing off the IP which is my external server in google cloud.
I cannot read log in frps with real IPs who are doing insuitable acts.
Although Nginx access.log can read the IPs which are trying not existed folder, frps log cannot record the error acts with those real IPs from their forwarded links.
Is any missing configure way or alternative solution can be adviced?
Thanks.

frpc Version

0.63.0 (private network of Win10 pro)

frps Version

0.64.0 (Google cloud VM of ubuntu linux)

System Architecture

Server: linux/amd64 and Client: windows/amd64

Configurations

SERVER side:
bindAddr = "0.0.0.0"
bindPort = 80
subdomainHost = "duckdns.org"
vhostHTTPPort = 80
vhostHTTPSPort = 80
log.to = "/opt/frp/frps.log"
log.level = "debug"
log.maxDays = 3
log.disablePrintColor = false
detailedErrorsToClient = true
transport.maxPoolCount = 15
transport.tcpMux = true
transport.tcpMuxKeepaliveInterval = 30
transport.tcpKeepalive = 7200
transport.tls.force = true
custom404Page = "/opt/frp/404.html"

SERVER side of Nginx setting:
server {
listen 443 ssl;
http2 on;
(... # managed by Certbot ...)
##PROXY-START /
location /serverwebhookcallback {
rewrite ^/serverwebhookcallback(.)$ /clientcallback $1 break;
proxy_pass http://127.0.0.1:80 ;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header X-Cache $upstream_cache_status;
set $static_filemi146aOz 0;
if ( $uri ~ ".(gif|png|jpg|css|js)$" )
{
set $static_filemi146aOz 1;
expires 12h;
}
if ( $static_filemi146aOz = 0 )
{
add_header Cache-Control no-cache;
}
}
##PROXY-END /
location / {
return 302 https://www.google.com;
}
}

CLIENT side:
user = "clientsidepc"
serverAddr = "frpserver.duckdns.org"
serverPort = 80
log.to = "./frpc.log"
log.level = "info"
log.maxDays = 3
log.disablePrintColor = false
transport.tls.enable = true
transport.tls.disableCustomTLSFirstByte = false
proxies
name = "appproxy"
type = "http"
localIp = "127.0.0.1"
localPort = 8080
subdomain = "frpclient"
#transport.proxyProtocolVersion = "v2" ##<-- I cannot use because it will fail my project app connection.

Logs

Server:
$ sudo tail /opt/frp/frps.log
2025-09-15 14:55:45.340 [D] [server/control.go:272] [f64ca6ce981dc3b4] get work connection from pool
2025-09-15 14:55:45.340 [D] [proxy/proxy.go:131] [f64ca6ce981dc3b4] [clientsidepc.appproxy] get a new work connection: [123.123.123.123:14053]
2025-09-15 14:55:45.483 [D] [server/control.go:243] [f64ca6ce981dc3b4] new work connection registered
2025-09-15 15:03:01.254 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123:80] error: no route found: 35.212.123.123 /
2025-09-15 15:06:40.877 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123] error: no route found: 35.212.123.123 /ReportServer
2025-09-15 15:35:25.984 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123:80] error: no route found: 35.212.123.123 /
2025-09-15 15:41:36.042 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123] error: no route found: 35.212.123.123 /
2025-09-15 15:44:09.979 [W] [httputil/reverseproxy.go:486] do http proxy request [host: 35.212.123.123] error: no route found: 35.212.123.123 /

Steps to reproduce

...

Affected area

Docs
Installation
Performance and Scalability
Security
User Experience
Test and Release
Developer Infrastructure
Client Plugin
Server Plugin
Extensions
Others

gitea-mirror

closed this issue
added the
lifecycle/stale
label

2026-05-05 14:30:08 -06:00

Author

@fatedier commented on GitHub (Sep 15, 2025):

This capability isn’t available yet. It’s included on our longer-term roadmap.

@fatedier commented on GitHub (Sep 15, 2025): This capability isn’t available yet. It’s included on our longer-term roadmap.

2026-05-05 14:30:09 -06:00

@tusharrrr1 commented on GitHub (Sep 15, 2025):

Use Nginx logs for real IP monitoring and security rules.

If you must see real IPs in frps.log, experiment with Proxy Protocol v2, aligning Nginx, frps, and frpc configs.

Allow me to work on this if possible

@tusharrrr1 commented on GitHub (Sep 15, 2025): Use Nginx logs for real IP monitoring and security rules. If you must see real IPs in frps.log, experiment with Proxy Protocol v2, aligning Nginx, frps, and frpc configs. Allow me to work on this if possible

2026-05-05 14:30:10 -06:00

@github-actions[bot] commented on GitHub (Sep 30, 2025):

Issues go stale after 14d of inactivity. Stale issues rot after an additional 3d of inactivity and eventually close.

@github-actions[bot] commented on GitHub (Sep 30, 2025): Issues go stale after 14d of inactivity. Stale issues rot after an additional 3d of inactivity and eventually close.

Rows
Columns

[GH-ISSUE #4978] Server site of frps LOG cannot record real IPs for fail2ban jail analysis #3923