Thanks. Almost got my modifications to NAXSI ready.
But currently have a blocker with getting just the X-Forwarded-for IP
The code below:
ngx_uint_t n;
ngx_table_elt_t **h;
ngx_array_t a;
a = req->headers_in.x_forwarded_for;
n = a.nelts;
h = a.elts;
for (i = 0; i<n; i++) {
ngx_log_error(NGX_LOG_ERR, req->connection->log,
0, "x_forwarded_for: %s", h[i]->value.data);
}
gets a String with several IP (i.e client, server, request etc)
Tried to parse the string using strtok(), interating through it .... but it
segfaults. I guess I am missing some NGINX module knowledge.
How to properly get first string up to first "," from the h[i]->value.data
using NGINX functions/types or other correct way to do it.
Thanks,
On Wed, Dec 25, 2019 at 12:17 PM Ruslan Ermilov <ru@nginx.com> wrote:
> On Tue, Dec 24, 2019 at 08:00:26PM +0100, Marcin Kozlowski wrote:
> > Thanks.
> >
> > Works. For the reference, this is the code I used:
> >
> > ngx_uint_t n;
> > ngx_table_elt_t **h;
> > ngx_array_t a;
> > a = req->headers_in.x_forwarded_for;
> > n = a.nelts;
> > h = a.elts;
> >
> >
> > for (i = 0; i<n; i++) {
> > ngx_log_error(NGX_LOG_ERR, req->connection->log,
> > 0, "x_forwarded_for: %s", h[i]->value.data);
> > }
> >
> > BTW What would be the best practice in NGINX NASIX module or any other
> > module to load a file with hundreds entries of IPs (hashmap, or what
> > structure would be best?) which should be whitelisted later for
> comparison
> > in NASIX module logic. Those IP should never be blocked by NAXSI.
> >
> > When should I load this file in memory, in which component
> > /module/function/step?
> >
> > Links to some guides/sample code would be also appreciated.
> >
> > Thanks,
>
> http://nginx.org/en/docs/http/ngx_http_geo_module.html
> _______________________________________________
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
