From 2ae7c7df30e13f70a9c7283ee098586335898b49 Mon Sep 17 00:00:00 2001 From: James Droste Date: Tue, 25 Aug 2020 16:29:34 -0700 Subject: [PATCH] Add the ability to customize the IP header field when logging --- app/Model/Log.php | 11 +++++++++-- app/Model/Server.php | 9 +++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/app/Model/Log.php b/app/Model/Log.php index 60525f592..537029dbb 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php @@ -104,8 +104,15 @@ class Log extends AppModel if (!empty(Configure::read('MISP.log_skip_db_logs_completely'))) { return false; } - if (Configure::read('MISP.log_client_ip') && isset($_SERVER['REMOTE_ADDR'])) { - $this->data['Log']['ip'] = $_SERVER['REMOTE_ADDR']; + if (Configure::read('MISP.log_client_ip')) { + $ip_header = 'REMOTE_ADDR'; + if (Configure::read('MISP.log_client_ip_header')) { + $ip_header = Configure::read('MISP.log_client_ip_header'); + } + + if (isset($_SERVER[$ip_header])) { + $this->data['Log']['ip'] = $_SERVER[$ip_header]; + } } $setEmpty = array('title' => '', 'model' => '', 'model_id' => 0, 'action' => '', 'user_id' => 0, 'change' => '', 'email' => '', 'org' => '', 'description' => ''); foreach ($setEmpty as $field => $empty) { diff --git a/app/Model/Server.php b/app/Model/Server.php index 8dbac7b80..c394a932c 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -790,6 +790,15 @@ class Server extends AppModel 'type' => 'boolean', 'beforeHook' => 'ipLogBeforeHook' ), + 'log_client_ip_header' => array( + 'level' => 1, + 'description' => __('If log_client_ip is enabled, you can customize which header field contains the client\'s IP address. This is generally used when you have a reverse proxy infront of your MISP instance.'), + 'value' => 'REMOTE_ADDR', + 'errorMessage' => '', + 'test' => 'testForEmpty', + 'type' => 'string', + 'null' => true, + ), 'log_auth' => array( 'level' => 1, 'description' => __('If enabled, MISP will log all successful authentications using API keys. The requested URLs are also logged.'),