nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Ruslan Ermilov ru at nginx.com
Tue Dec 24 09:37:42 UTC 2019


On Mon, Dec 23, 2019 at 11:04:43PM +0100, Marcin Kozlowski wrote:
> Hi List,
> 
> How to get x_forwarded_for sent in the request in NGINX module (NAXSI in
> particular):
> 
> My attempt:
> 
> ngx_log_error(NGX_LOG_ERR, req->connection->log,
>               0, "test %s", (char *)req->headers_in.x_forwarded_for.elts);
> 
> The bigger problem I am trying to solve with NAXSI is this:
> 
> https://stackoverflow.com/questions/59453729/naxsi-blacklist-and-whitelist-setup-with-nginx
> 
> I want to simply create a map and check if X-forwarded-for is on the
> whitelist and if yes, always allow it.
> 
> Above does not work. Prints garbage. Why it is (void *) ???
> 
> Debugging it:
> 
> $1 = (ngx_http_request_t *) 0xa44df0
> (gdb) p req->headers_
> headers_in   headers_out
> (gdb) p req->headers_in
> $2 = {headers = {last = 0xa44e60, part = {elts = 0xad4d10, nelts = 7, next
> = 0x0}, size = 48, nalloc = 20,
>     pool = 0xa44da0}, host = 0xad4d10, connection = 0x0, if_modified_since
> = 0x0, if_unmodified_since = 0x0,
>   if_match = 0x0, if_none_match = 0x0, user_agent = 0xad4d70, referer =
> 0x0, content_length = 0x0,
>   content_range = 0x0, content_type = 0x0, range = 0x0, if_range = 0x0,
> transfer_encoding = 0x0, te = 0x0,
>   expect = 0x0, upgrade = 0x0, accept_encoding = 0x0, via = 0x0,
> authorization = 0x0, keep_alive = 0x0,
>   x_forwarded_for = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool
> = 0xa44da0}, x_real_ip = 0x0, user = {
>     len = 0, data = 0x0}, passwd = {len = 0, data = 0x0}, cookies = {elts =
> 0x0, nelts = 0, size = 0, nalloc = 0,
>     pool = 0x0}, server = {len = 32, data = 0xa449a9 "domain.com"},
> content_length_n = -1,
>   keep_alive_n = -1, connection_type = 2, chunked = 0, msie = 0, msie6 = 0,
> opera = 0, gecko = 0, chrome = 0,
>   safari = 0, konqueror = 0}
> (gdb) p req->headers_in.x_forwarded_for
> $3 = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool = 0xa44da0}
> (gdb) p req->headers_in.x_forwarded_for .elts
> $4 = (void *) 0xa45b98
> (gdb) p req->headers_in.x_forwarded_for.elts
> $5 = (void *) 0xa45b98
> 
> What structure is this? Linked List? Why the elts point to garbage, when I
> know the Loadbalancer added the X-Forwarded-for header with value.

It's an array of type ngx_table_elt_t, the number of elements is
in "nelts".  Please see the handler for the $http_x_forwarded_for
variable in the ngx_http_variables.c on how to work with it.
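
The array walk described in the reply, as an added example that is not part of the original message and is not nginx or NAXSI source. The struct definitions are simplified stand-ins for the nginx types, and `xff_last_entry`, `str_eq` and `demo_last_entry_is` are hypothetical names. It assumes each slot of `elts` holds a pointer to an `ngx_table_elt_t` (consistent with `size = 8` in the gdb output) and goes one step beyond the thread by picking the rightmost address, the one appended by the nearest proxy, for a whitelist check.

```c
#include <stddef.h>
#include <string.h>

/* Simplified stand-ins for the nginx types (assumption: trimmed to the fields
 * used here; the real definitions are in nginx's src/core headers). */
typedef struct { size_t len; unsigned char *data; } ngx_str_t;
typedef struct { ngx_str_t key; ngx_str_t value; } ngx_table_elt_t;
typedef struct { void *elts; unsigned nelts; size_t size; } ngx_array_t;

/* Hypothetical helper: return the rightmost address of the last
 * X-Forwarded-For line, i.e. the entry appended by the nearest proxy.
 * Returns {0, NULL} when the header is absent. */
static ngx_str_t xff_last_entry(const ngx_array_t *xff)
{
    ngx_str_t out = { 0, NULL };
    ngx_table_elt_t **h = xff->elts;   /* each slot is a pointer, not text */
    if (xff->nelts == 0 || h == NULL) return out;

    ngx_str_t v = h[xff->nelts - 1]->value;
    size_t end = v.len, start;
    while (end > 0 && v.data[end - 1] == ' ') end--;        /* trim right */
    start = end;
    while (start > 0 && v.data[start - 1] != ',') start--;  /* last comma */
    while (start < end && v.data[start] == ' ') start++;    /* trim left */
    out.data = v.data + start;
    out.len = end - start;
    return out;
}

/* Length-aware comparison against a whitelist entry (ngx_str_t carries len). */
static int str_eq(ngx_str_t s, const char *lit)
{
    return s.len == strlen(lit) && memcmp(s.data, lit, s.len) == 0;
}

/* Constructed sample: two header lines, the second one written by the
 * load balancer. Returns 1 when the selected entry equals `expect`. */
static int demo_last_entry_is(const char *expect)
{
    unsigned char name[] = "X-Forwarded-For";
    unsigned char a[] = "203.0.113.7";
    unsigned char b[] = "198.51.100.9, 192.0.2.10";
    ngx_table_elt_t e0 = { { sizeof(name) - 1, name }, { sizeof(a) - 1, a } };
    ngx_table_elt_t e1 = { { sizeof(name) - 1, name }, { sizeof(b) - 1, b } };
    ngx_table_elt_t *slots[] = { &e0, &e1 };
    ngx_array_t xff = { slots, 2, sizeof(slots[0]) };
    return str_eq(xff_last_entry(&xff), expect);
}
```

Inside a real module the same value can be logged with nginx's `%V` format, which takes a pointer to an `ngx_str_t`, instead of passing `elts` to `%s`.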

