Welcome! Log In Create A New Profile

Advanced

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski
December 24, 2019 02:02PM
Thanks.

Works. For the reference, this is the code I used:

ngx_uint_t n;
ngx_table_elt_t **h;
ngx_array_t a;
a = req->headers_in.x_forwarded_for;
n = a.nelts;
h = a.elts;


for (i = 0; i<n; i++) {
ngx_log_error(NGX_LOG_ERR, req->connection->log,
0, "x_forwarded_for: %s", h[i]->value.data);
}

BTW What would be the best practice in NGINX NASIX module or any other
module to load a file with hundreds entries of IPs (hashmap, or what
structure would be best?) which should be whitelisted later for comparison
in NASIX module logic. Those IP should never be blocked by NAXSI.

When should I load this file in memory, in which component
/module/function/step?

Links to some guides/sample code would be also appreciated.

Thanks,


On Tue, Dec 24, 2019 at 10:37 AM Ruslan Ermilov <ru@nginx.com> wrote:

> On Mon, Dec 23, 2019 at 11:04:43PM +0100, Marcin Kozlowski wrote:
> > Hi List,
> >
> > How to get x_forwarded_for sent in the request in NGINX module (NAXSI in
> > particular):
> >
> > My attempt:
> >
> > ngx_log_error(NGX_LOG_ERR, req->connection->log,
> > 0, "test %s", (char
> *)req->headers_in.x_forwarded_for.elts);
> >
> > The bigger problem I am trying to solve with NAXSI is this:
> >
> >
> https://stackoverflow.com/questions/59453729/naxsi-blacklist-and-whitelist-setup-with-nginx
> >
> > I want to simply create a map and check if X-forwarded-for is on the
> > whitelist and if yes, always allow it.
> >
> > Above does not work. Prints garabge. Why it is (void *) ???
> >
> > Debugging it:
> >
> > $1 = (ngx_http_request_t *) 0xa44df0
> > (gdb) p req->headers_
> > headers_in headers_out
> > (gdb) p req->headers_in
> > $2 = {headers = {last = 0xa44e60, part = {elts = 0xad4d10, nelts = 7,
> next
> > = 0x0}, size = 48, nalloc = 20,
> > pool = 0xa44da0}, host = 0xad4d10, connection = 0x0,
> if_modified_since
> > = 0x0, if_unmodified_since = 0x0,
> > if_match = 0x0, if_none_match = 0x0, user_agent = 0xad4d70, referer =
> > 0x0, content_length = 0x0,
> > content_range = 0x0, content_type = 0x0, range = 0x0, if_range = 0x0,
> > transfer_encoding = 0x0, te = 0x0,
> > expect = 0x0, upgrade = 0x0, accept_encoding = 0x0, via = 0x0,
> > authorization = 0x0, keep_alive = 0x0,
> > x_forwarded_for = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1,
> pool
> > = 0xa44da0}, x_real_ip = 0x0, user = {
> > len = 0, data = 0x0}, passwd = {len = 0, data = 0x0}, cookies =
> {elts =
> > 0x0, nelts = 0, size = 0, nalloc = 0,
> > pool = 0x0}, server = {len = 32, data = 0xa449a9 "domain.com"},
> > content_length_n = -1,
> > keep_alive_n = -1, connection_type = 2, chunked = 0, msie = 0, msie6 =
> 0,
> > opera = 0, gecko = 0, chrome = 0,
> > safari = 0, konqueror = 0}
> > (gdb) p req->headers_in.x_forwarded_for
> > $3 = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool = 0xa44da0}
> > (gdb) p req->headers_in.x_forwarded_for .elts
> > $4 = (void *) 0xa45b98
> > (gdb) p req->headers_in.x_forwarded_for.elts
> > $5 = (void *) 0xa45b98
> >
> > What structure is this? Linked List? Why the elts point to garbage, when
> I
> > know the Loadbalancer added the X-Forwarded-for header with value.
>
> It's an array of type ngx_table_elt_t, the number of elements is
> in "nelts". Please see the handler for the $http_x_forwarded_for
> variable in the ngx_http_variables.c on how to work with it.
> _______________________________________________
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 222 December 23, 2019 05:06PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

ru@nginx.com 74 December 24, 2019 04:38AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 71 December 24, 2019 02:02PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

ru@nginx.com 72 December 25, 2019 06:18AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 65 December 27, 2019 05:44PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 64 December 28, 2019 09:38AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 61 December 28, 2019 02:36PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Robert Paprocki 64 December 28, 2019 03:50PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Hung Nguyen 70 December 28, 2019 09:28PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 62 December 30, 2019 10:50AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 73 December 30, 2019 04:46PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Aaron Bedra 92 January 05, 2020 12:54AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 64
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready