<div dir="ltr"><div dir="ltr"><div>Thanks. Almost got my modifications to NAXSI ready.</div><div><br></div><div>But currently have a blocker with getting just the X-Forwarded-for IP</div><div><br></div><div>The code below:</div><div><br></div><div><span class="gmail-im">ngx_uint_t n;</span></div><div><span class="gmail-im">ngx_table_elt_t **h;<br>
ngx_array_t a;<br>
a = req->headers_in.x_forwarded_for;<br>
n = a.nelts;<br>
h = a.elts;<br> <br>
<br>for (i = 0; i<n; i++) {<br>
ngx_log_error(NGX_LOG_ERR, req->connection->log,<br>
0, "x_forwarded_for: %s", h[i]->value.data);<br>}</span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im">gets a String with several IP (i.e client, server, request etc)<br></span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im">Tried to parse the string using strtok(), interating through it .... but it segfaults. I guess I am missing some NGINX module knowledge.<br></span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im">How to properly get first string up to first "," from the h[i]->value.data using NGINX functions/types or other correct way to do it.<br></span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im">Thanks,</span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im"><br></span></div><div><span class="gmail-im"><br></span></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Dec 25, 2019 at 12:17 PM Ruslan Ermilov <<a href="mailto:ru@nginx.com">ru@nginx.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Tue, Dec 24, 2019 at 08:00:26PM +0100, Marcin Kozlowski wrote:<br>
> Thanks.<br>
> <br>
> Works. For the reference, this is the code I used:<br>
> <br>
> ngx_uint_t n;<br>
> ngx_table_elt_t **h;<br>
> ngx_array_t a;<br>
> a = req->headers_in.x_forwarded_for;<br>
> n = a.nelts;<br>
> h = a.elts;<br>
> <br>
> <br>
> for (i = 0; i<n; i++) {<br>
> ngx_log_error(NGX_LOG_ERR, req->connection->log,<br>
> 0, "x_forwarded_for: %s", h[i]->value.data);<br>
> }<br>
> <br>
> BTW What would be the best practice in NGINX NASIX module or any other<br>
> module to load a file with hundreds entries of IPs (hashmap, or what<br>
> structure would be best?) which should be whitelisted later for comparison<br>
> in NASIX module logic. Those IP should never be blocked by NAXSI.<br>
> <br>
> When should I load this file in memory, in which component<br>
> /module/function/step?<br>
> <br>
> Links to some guides/sample code would be also appreciated.<br>
> <br>
> Thanks,<br>
<br>
<a href="http://nginx.org/en/docs/http/ngx_http_geo_module.html" rel="noreferrer" target="_blank">http://nginx.org/en/docs/http/ngx_http_geo_module.html</a><br>
_______________________________________________<br>
nginx-devel mailing list<br>
<a href="mailto:nginx-devel@nginx.org" target="_blank">nginx-devel@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a><br>
</blockquote></div></div>