mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 17:05:18 +00:00
7a4737e459
Migrated remaining docs pages as part of the July 31st docs re-org project. (See https://github.com/fleetdm/fleet/issues/13684) Changes: - Removed "Commands" section from fleet-server-configuration.md - Moved systemd, using a proxy, SSO, and public IP content to the "Deploy" docs and added stubs in the original file to preserve bookmarked links. - Changed the headings of the original stubs in the point above to be wrapped in an HTML H2 tag to hide them from the "On this page navigation." - Updated left side-bar styling to match wireframes. # Checklist for submitter - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
1.3 KiB
1.3 KiB
Public IPs of devices
IMPORTANT: In order for this feature to work properly, devices must connect to Fleet via the public internet. If the agent connects to Fleet via a private network then the "Public IP address" for such device will not be set.
Fleet attempts to deduce the public IP of devices from well-known HTTP headers received on requests made by the osquery agent.
The HTTP request headers are checked in the following order:
- If
True-Client-IPheader is set, then Fleet will extract its value. - If
X-Real-IPheader is set, then Fleet will extract its value. - If
X-Forwarded-Forheader is set, then Fleet will extract the first comma-separated value. - If none of the above headers are present in the HTTP request then Fleet will attempt to use the remote address of the TCP connection (note that on deployments with ingress proxies the remote address seen by Fleet is the IP of the ingress proxy).
If the IP retrieved using the above heuristic belongs to a private range, then Fleet will ignore it and will not set the "Public IP address" field for the device.