Config advice / wireshark

Joel Parker joel.parker.gm at gmail.com
Fri Apr 21 15:42:45 UTC 2017


The only other thing I was thinking of was to double proxy through
localhost. i.e. user -> proxy -> localhost proxy -> upstream server. Seems
like it is pretty convoluted but is it still possible ?


On Fri, Apr 21, 2017 at 10:30 AM, Robert Paprocki <
rpaprocki at fearnothingproductions.net> wrote:

> Is what compatible? Nginx logging? I don't think so, Nginx logs are
> intended to be human readable. Related docs: http://nginx.org/en/
> docs/http/ngx_http_log_module.html#log_format
>
> On Fri, Apr 21, 2017 at 8:25 AM, Joel Parker <joel.parker.gm at gmail.com>
> wrote:
>
>> Is it compatible with something like log2pcap ? or I just need to set the
>> format somehow to be compatible with it.
>>
>> Joel Parker
>>
>> On Fri, Apr 21, 2017 at 10:21 AM, Robert Paprocki <
>> rpaprocki at fearnothingproductions.net> wrote:
>>
>>> Unless wireshark has access to the private key (and PFC isn't enabled),
>>> you're best bet would be to log the data from nginx directly, rather than
>>> trying to examine the raw bytes on the wire.
>>>
>>> > On Apr 21, 2017, at 08:10, Joel Parker <joel.parker.gm at gmail.com>
>>> wrote:
>>> >
>>> > I currently have a config that allows me to terminate TLSv1.2 and
>>> decrypt it. Then it re-encrypts the packets with a different cert before
>>> sending to the upstream servers. I want to "look" at the decrypted packets
>>> before they are encrypted but I am not sure the best way to accomplish this.
>>> > _______________________________________________
>>> > nginx mailing list
>>> > nginx at nginx.org
>>> > http://mailman.nginx.org/mailman/listinfo/nginx
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170421/439d22b4/attachment.html>


More information about the nginx mailing list