Real IP addresses in the log nginx?

Good day to everyone, looking for help, tips. This topic comes up in discussions sometimes and there seems to be no answer. And the problem is probably not in Nginx but in the general structure of Docker, maybe someone managed to overcome this problem.

In short, there is such a scheme of the home network


There is nothing between the router and NPM, just a direct port forwarding to the container with the NPM ( 80, 443).

A network has been created
docker network create --subnet= dockernet

        "Name": "dockernet",
        "Id": "c4adfaa3b7f9ab40033148eff94e842000ba432c7859d36880f3d90d8f65eeec",
        "Created": "2023-08-03T13:44:55.660546114Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                    "Subnet": "",
                    "Gateway": ""
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        "ConfigOnly": false,
        "Containers": {
            "386b3da1199514513a0e07e75c6bd534839cf70ec8240c8499c6ec567c98961a": {
                "Name": "nginx-proxy-manager-db",
                "EndpointID": "e8444c6476f9c75025856956f70e6e0971694d2b300e33008f174e233e46be74",
                "MacAddress": "03:52:ac:10:00:23",
                "IPv4Address": "",
                "IPv6Address": ""
            "72a1eb294bc4a0d51494caf413f28dbd7109b06323a944840870373516f5000f": {
                "Name": "nginx-proxy-manager",
                "EndpointID": "b1e410db3772423852a21c85d35514acd5620e146fc90d960c7a2a7b5a26878e",
                "MacAddress": "03:52:ac:10:00:22",
                "IPv4Address": "",
                "IPv6Address": ""
+ Other containers
        "Options": {},
        "Labels": {}

Hosts have been added to NPM, everything works fine, full Internet access to all resources

To view logs, I use goaccess (xavierh/goaccess-for-nginxproxymanager). But the whole problem is that only one client address appears everywhere in the log - (takes information (parses) for display directly from the npm logs folder).

Is it possible on this configuration to ensure that the logs display the real addresses of connecting clients?
All the options found on the Internet and suggested by chatgpt :slight_smile: did not help me. It’s possible, of course, to configure the router settings, but I didn’t find anything suitable in the standard firmware…

Technically impossible with Docker Desktop. You would need host, macvlan or ipvlan networking to retain the source ip. Even though they can be configured, effectively they can not work in Docker Desktop, as it runs the Docker engine in a utitlity-vm, and has a private ip that is not related to your Windows host, so all these networks would base on the network interface of the utility-vm.

The only network types you can use with DOcker Desktop are “bridge” and “overlay” - both don’t retain the source ip. Overlay is only available if the Swarm mode is enabled.

Does it matter what Docker is deployed on, Windows or Linux? That is, Nginx will receive real IP addresses only if it is deployed outside of Docker?

Your first question indicates you did not research on your own. I wrote about Docker Desktop in general, as regardless of the OS, every version is affected. A short google search or look in the documentation should have yielded that the other version is Docker-CE, which is only available for Linux.

If you are able to configure a reverse proxy on your host, to use the proxy protocol when forwarding the traffic to your containerized nginx, it should be possible. If it does not retain the source ip, at least it allows setting the x-forwarded-for header to retain the ip.

Before you ask: I can’t help you with that.

Don’t be rude to people on the internet, we are all here trying figure this stuff out for the first time…

You seriously just registered for this comment? :sweat_smile:

Little tip: the post was already months old and it was from one of the few people here regularly answering to almost everyone.

In general I recommend to get to know a community first before commenting on others.