6

I setup a http server (apache) under VB and forward the port from the host using the available tool in VB. My VB network is NAT connected with the host.

However when doing this the access log of http only show the same ip address for every connection. (from 10.x.x.x which is the host ip address).

Is there anyway to see the real ip address ? I tried to setup an iptables log at the host but It does not show the data (only src,dest.ttl.. you know ..)

iKid
  • 165
  • 5
  • 1
    Setup virtual box to bridge the connection, and give it a real address. – Zoredache Apr 17 '12 at 22:58
  • @Zoredache: My LAN network doesn't allow bridge.. somehow It breaks also my host internet connection. also bridge does not provide 'port-forwarding' option – iKid Apr 17 '12 at 23:05

2 Answers2

4

You can set the NAT in your VM with

vboxmanage --nataliasmode1 proxyonly

to disable aliasing and switch NAT into transparent mode.

See here for more: https://www.virtualbox.org/manual/ch09.html#nat-adv-alias

lucius
  • 41
  • 1
3

Your VM is behind NAT in your setup and you actually access the webserver through port forwarding, so you can't reveal clients' IPs using just virtualbox. One thing you can do is to setup somewhat lightweight webserver on your host (like nginx or lighttpd) which will listen 80 port on your network while working in reverse proxy mode to your forwarded port so your VM works like a backend in this setup. To get the client IP address this webserver should pass some additional variables like X-Real-IP, Host, X-Forwarded-For (here's example virtualhost for nginx assuming your VM forwards its 80 port to local 8080):

server {
    listen 80;
    server_name example.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header X-Real-IP $remote_arrd;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
    }
}
jollyroger
  • 1,650
  • 11
  • 19
  • should I remove the port-forwarding from VB after setting this up ? – iKid Apr 18 '12 at 06:41
  • No, if you do that the webserver won't be able to connect to your VM. For this example you should forward your VM's 80 pport to local 8080 port. – jollyroger Apr 18 '12 at 06:47
  • Ok if I understand correctly ppl access through my ip @ port 80 ? then it forward to 8080 which will forward to VB in port 80 again ? – iKid Apr 18 '12 at 06:51
  • This setup assumes people will access your host via `example.com` domain name. If you don't want to create a DNS name for yourself (somewhere on your gateway/router) change `server_name` line to `server_name example.com default;`. This will make all requests to your IP on port 80 pass to the backend. – jollyroger Apr 18 '12 at 07:03
  • thanks, I successfully have nginx worked and I can see the access to my server through nginx access_log with correct ip. Is there anyway to do the same for error_log ? – iKid Apr 18 '12 at 09:01
  • See http://nginx.org/en/docs/ngx_core_module.html#error_log and http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log. BTW, it's not related to the original question any more. – jollyroger Apr 18 '12 at 09:09
  • nvm I install mod_rpaf so I can view the log directly in VB. thanks – iKid Apr 18 '12 at 09:14