Getting the real ip of devices and and users to be logged by Emby.

[Mr.Berzerk 4]

I am running Emby-Linux 4.8.8.0 behind haproxy, running on pfsense with ssl passthrough.
I would like to have the real-ips of connections in Emby.
For my webservers I would add "send-proxy" to the advanced settings of the back end for the server, and I could get the logs to record the real ip.
However, if I add "send-proxy" to the Emby back-end, I can not connect to Emby anymore.

Would anyone know how I can get the real IPs to log with emby? 

Edited September 24, 2024 by Mr.Berzerk

[Lessaj 467]

I'm not that familiar with using HAproxy but I am familiar with pfsense. Take a look at this page and see if that will work.

https://forum.netgate.com/topic/159562/solved-haproxy-forward-client-ip/2

[Mr.Berzerk 4]

Thanks, but that will not work in my case, as ha proxy can only use x-forward-for for http, not ssl passthrough.

[Luke 42077]

Can’t you use the existing headers that are already supported?

[Mr.Berzerk 4]

Yes, I'm trying to make as little customization as possible, but I'm not sure how the Emby headers work, or how/what I need to change in haproxy to pass the info to Emby, so it interprets things correctly.

[darkassassin07 652]

Haven't used haproxy, so I'm not sure on it's config; but for nginx you pass these two headers to pass the correct client ip to emby:

 

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

 

 

I'd look for where/how you can set those.

[Lessaj 467]

X-Forwarded-For should already be a header, I don't set it specifically in my apache reverse proxy but it appears in the logs and it's how it determines the client IP. Both my external reverse proxy as well as the client IP are included in this header.

[darkassassin07 652]

Don't forget this setting (under server network settings)

 

[Thuzad 50]

Add "option forwardfor" to your global section into haproxy.cfg : https://docs.haproxy.org/2.9/configuration.html#4-option forwardfor