Welcome! Log In Create A New Profile

Advanced

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Robert Paprocki
December 28, 2019 03:50PM
The array has 0 nelts because you haven’t added anything to do. nelts is the number of elements in the array, not the size of the array.

Add an element to the array with ngx_array_push().

> On Dec 28, 2019, at 11:35, Marcin Kozlowski <marcinguy@gmail.com> wrote:
>
> 
> Still have few questions. Help would be great
>
> Beginner in writing NGINX modules
>
> Have this question
>
> 1) How do I create array, add element to it and than create a hashtable from it.
>
> Below I try to achieve it:
>
> NX_LOG_DEBUG(_debug_whitelist_heavy,
> NGX_LOG_EMERG, cf, 0,
> "finalizing hashtables array %i", dlc->pass_rules->nelts);
>
> headers_ar = ngx_array_create(cf->pool, dlc->pass_rules->nelts, sizeof(ngx_hash_key_t));
>
>
>
> if (headers_ar) {
> NX_LOG_DEBUG(_debug_readconf, NGX_LOG_EMERG, cf, 0,
> "headers array %i",headers_ar->nelts);
>
> 2) Why headers_ar has 0 elemets
>
> nginx: [emerg] finalizing hashtables array 6 in /etc/nginx/nginx.conf:124
> nginx: [emerg] headers array 0 in /etc/nginx/nginx.conf:124
>
>
>
> 3) I later want to build hashtable based on this array:
>
> dlc->passr_headers_hash = (ngx_hash_t*) ngx_pcalloc(cf->pool, sizeof(ngx_hash_t));
> hash_init.hash = dlc->passr_headers_hash;
> hash_init.name = "passr_headers_hash";
>
>
>
> if (ngx_hash_init(&hash_init, (ngx_hash_key_t*) headers_ar->elts,
> headers_ar->nelts) != NGX_OK) {
> ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "$HEADERS hashtable init failed"); /* LCOV_EXCL_LINE */
> return (NGX_ERROR); /* LCOV_EXCL_LINE */
> }
>
> else {
> NX_LOG_DEBUG(_debug_whitelist, NGX_LOG_EMERG, cf, 0, "$HEADERS hashtable init successed %d !",
> dlc->passr_headers_hash->size);
> }
>
>
>
> 4) Can somebody post simple code that
>
> a) creates array
> b) pushes one IP
> c) create hashtable from it
>
> Thanks,
>
>
>> On Sat, Dec 28, 2019 at 3:36 PM Marcin Kozlowski <marcinguy@gmail.com> wrote:
>> Ignore my last post.
>>
>> My error.
>>
>> Thanks,
>>
>>> On Fri, Dec 27, 2019 at 11:42 PM Marcin Kozlowski <marcinguy@gmail.com> wrote:
>>> Thanks. Almost got my modifications to NAXSI ready.
>>>
>>> But currently have a blocker with getting just the X-Forwarded-for IP
>>>
>>> The code below:
>>>
>>> ngx_uint_t n;
>>> ngx_table_elt_t **h;
>>> ngx_array_t a;
>>> a = req->headers_in.x_forwarded_for;
>>> n = a.nelts;
>>> h = a.elts;
>>>
>>>
>>> for (i = 0; i<n; i++) {
>>> ngx_log_error(NGX_LOG_ERR, req->connection->log,
>>> 0, "x_forwarded_for: %s", h[i]->value.data);
>>> }
>>>
>>> gets a String with several IP (i.e client, server, request etc)
>>>
>>> Tried to parse the string using strtok(), interating through it .... but it segfaults. I guess I am missing some NGINX module knowledge.
>>>
>>> How to properly get first string up to first "," from the h[i]->value.data using NGINX functions/types or other correct way to do it.
>>>
>>> Thanks,
>>>
>>>
>>>
>>>
>>>
>>>> On Wed, Dec 25, 2019 at 12:17 PM Ruslan Ermilov <ru@nginx.com> wrote:
>>>> On Tue, Dec 24, 2019 at 08:00:26PM +0100, Marcin Kozlowski wrote:
>>>> > Thanks.
>>>> >
>>>> > Works. For the reference, this is the code I used:
>>>> >
>>>> > ngx_uint_t n;
>>>> > ngx_table_elt_t **h;
>>>> > ngx_array_t a;
>>>> > a = req->headers_in.x_forwarded_for;
>>>> > n = a.nelts;
>>>> > h = a.elts;
>>>> >
>>>> >
>>>> > for (i = 0; i<n; i++) {
>>>> > ngx_log_error(NGX_LOG_ERR, req->connection->log,
>>>> > 0, "x_forwarded_for: %s", h[i]->value.data);
>>>> > }
>>>> >
>>>> > BTW What would be the best practice in NGINX NASIX module or any other
>>>> > module to load a file with hundreds entries of IPs (hashmap, or what
>>>> > structure would be best?) which should be whitelisted later for comparison
>>>> > in NASIX module logic. Those IP should never be blocked by NAXSI.
>>>> >
>>>> > When should I load this file in memory, in which component
>>>> > /module/function/step?
>>>> >
>>>> > Links to some guides/sample code would be also appreciated.
>>>> >
>>>> > Thanks,
>>>>
>>>> http://nginx.org/en/docs/http/ngx_http_geo_module.html
>>>> _______________________________________________
>>>> nginx-devel mailing list
>>>> nginx-devel@nginx.org
>>>> http://mailman.nginx.org/mailman/listinfo/nginx-devel
> _______________________________________________
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 200 December 23, 2019 05:06PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

ru@nginx.com 56 December 24, 2019 04:38AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 55 December 24, 2019 02:02PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

ru@nginx.com 53 December 25, 2019 06:18AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 52 December 27, 2019 05:44PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 49 December 28, 2019 09:38AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 46 December 28, 2019 02:36PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Robert Paprocki 49 December 28, 2019 03:50PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Hung Nguyen 55 December 28, 2019 09:28PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 47 December 30, 2019 10:50AM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski 55 December 30, 2019 04:46PM

Re: nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Aaron Bedra 76 January 05, 2020 12:54AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 59
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready