This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can the WAF operate transparently?

I've finally started experimenting with the Web Application Firewall to help me with a staged migration between two internal web servers. Along the way, I've noticed that the apache logs now show my ASG's address as the originator of all external requests.

I suppose this is to be expected since the ASG is acting as a proxy, but I wondered if there is any way to have WAF operate transparently, or to at least pass along the originator's IP address somehow?

Failing that, does anyone know of a simple way to match-merge the server and ASG proxy logs for troubleshooting and diagnosis?

This thread was automatically locked due to age.

Parents

0 BarryG over 15 years ago

Hi, you might want to post this as a feature request at Astaro Gateway Feature Requests

As far as merging the logs, make sure that the firewall and web server are both using NTP for time sync... of course the apache logs probably only have timestamps to the nearest second, which may not be good enough if there's a lot of traffic.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 15 years ago

Hi, you might want to post this as a feature request at Astaro Gateway Feature Requests

As far as merging the logs, make sure that the firewall and web server are both using NTP for time sync... of course the apache logs probably only have timestamps to the nearest second, which may not be good enough if there's a lot of traffic.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 JonEtkins over 15 years ago in reply to BarryG

Hi, you might want to post this as a feature request at Astaro Gateway Feature Requests

Done.

As far as merging the logs, make sure that the firewall and web server are both using NTP for time sync...

Also done. I use the ASG as my NTP time source for the rest of the LAN.

Cheers.
Cancel
Vote Up 0 Vote Down

Cancel