请教公网出入口不同的NAT VPS，Nginx如何获取到真实访客IP

共计 2325 个字符，预计需要花费 6 分钟才能阅读完成。

求大佬们指点，
买了个鸡仔云，打算穿透家里的小鸡出来做后端。
已经用 frp 穿透到 28000 端口，
已知入口 IP 为：1.2.3.4
通过 curl 测试 IP 得值：4.3.2.1
应该是出入口 IP 不同？
通过指定 hosts 访问测试站点，但查看日志，获取到的 IP 全都是 4.3.2.1
如果启用 ”proxy_protocol” 则浏览器无法访问，就注释了。
openresty 即 nginx 加功能版，http 配置里设置了    set_real_ip_from 0.0.0.0/0;     real_ip_header X-Forwarded-For; 复制代码
server 配置如下 server {listen 80 ;     listen 443 ssl http2 ;    # 启用代理协议    #listen 80 proxy_protocol ;     #listen 443 ssl http2 proxy_protocol ;     server_name cq.abc.local;     index index.php index.html index.htm default.php default.htm default.html;     proxy_set_header Host $host;     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;     proxy_set_header X-Forwarded-Host $server_name;     proxy_set_header X-Real-IP $remote_addr;     proxy_http_version 1.1;     proxy_set_header Upgrade $http_upgrade;     proxy_set_header Connection “upgrade”;     # 配置用于获取真实客户端 IP 的头信息    #real_ip_header proxy_protocol;    real_ip_recursive on;    #    access_log /www/sites/cq.abc.local/log/access.log;     error_log /www/sites/cq.abc.local/log/error.log;     location ^~ /.well-known/acme-challenge {        allow all;         root /usr/share/nginx/html;}    root /www/sites/cq.abc.local/index;     if ($scheme = http) {return 301 https://$host$request_uri;}    ssl_certificate /www/sites/cq.abc.local/ssl/fullchain.pem;     ssl_certificate_key /www/sites/cq.abc.local/ssl/privkey.pem;     ssl_protocols TLSv1.3;     ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;     ssl_prefer_server_ciphers on;     ssl_session_cache shared:SSL:10m;     ssl_session_timeout 10m;     add_header Strict-Transport-Security “max-age=31536000”;     error_page 497 https://$host$request_uri;     proxy_set_header X-Forwarded-Proto https;     ssl_stapling on;     ssl_stapling_verify on;     include /www/sites/cq.abc.local/proxy/*.conf; } 复制代码
反代的 location 如下 location ^~ / {proxy_pass https://127.0.0.1:28000;     proxy_set_header Host $host;     proxy_set_header X-Real-IP $remote_addr;     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;     proxy_set_header REMOTE-HOST $remote_addr;     proxy_set_header Upgrade $http_upgrade;     proxy_set_header Connection “upgrade”;     proxy_set_header X-Forwarded-Proto $scheme;     proxy_http_version 1.1;     add_header X-Cache $upstream_cache_status;     add_header Strict-Transport-Security “max-age=31536000”;     add_header Cache-Control no-cache;     # 禁用缓存    proxy_cache off;     # Disable buffering when the nginx proxy gets very resource heavy upon streaming    proxy_buffering off;} 复制代码