Need CF-Connecting-Port for French law


Are we able to collect client connection port in the log ?
I didn’t find anything about that.

French governement just realased a new law asking for “social web” service provider to collect IP address and client port (the port used for out connection).
Why ? Because some internet provider, in lack of IPV4, share the same IP address with several customers. The router NAT function handle that and work with a specified port range.

The law
The line
“1° L’adresse IP attribuée à la source de la connexion et le port associé ;”
translated in english
1° The IP address assigned to the connection source and the associated port;

Cloudflare team can you add this feature ?
Without this feature it is impossible to continue using Cloudflare for a French service.


You can create a Transform Rule to add a new header based on the client port number observed by the Cloudflare edge:

PS: I’m not really sure whether we can use a header name that starts with “CF”. If “CF-Connecting-Port” doesn’t work, then you may choose another header name such as “X-Client-Port”.


This field doesn’t seem to be included in the Firewall Language docs :confused: Is there a complete list of valid fields somewhere?

You can find it here

I test “cf.edge.client_port” and come back.

1 Like

That page and Transform Rule page covers most of them. This one includes client_port - Available fields and functions for HTTP request header modification · Cloudflare Rules docs

1 Like

It’s not under Firewall Language docs. Refer to this:

Edit: Wow. Three people reply at the same time :sweat_smile:

1 Like

Oh, alright! Thanks everyone :grin:

1 Like

Thanks @erictung
It works as explained.
I confirm you can’t use CF-Connecting-Port keywork, you get immediate error message when validating configuration screen.
I checked on my web server and get expected header with correct value.


1 Like

Thanks for the confirmation.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.