gmer3.itd.sterling.com/home.htm in the access log

Fatma MAZARI fatma.mazari at esprit.tn
Thu Jun 3 21:07:36 UTC 2021 

Hi,
I have a question,
I wanna use nginx and ffmpeg to serve chunks to clients without using or
sending .m3u file to client. How can i do this lease?
* ffmpeg copy streams in local ( in /home/STREAMS/channel/stream%d.ts ==>
/home/STREAMS/channel/stream1.ts ,  /home/STREAMS/channel/stream2.ts ,
/home/STREAMS/channel/stream3.ts ....)
* I want nginx to serve clients chunk by chunk in a continuous  way without
serving m3u file (the client must wait for the next chunk)  .
Thank you ,  Please I need your help
Fatma.

Le jeu. 3 juin 2021 à 22:02, Thomas Ward <teward at thomas-ward.net> a écrit :

> Let's dissect an HTTP request that is sent to your NGINX server.
>
> Assume for a moment it's '/cr-bin/mp.exe' that's the request but there's
> extra headers.  The full HTTP request looks like this (CURL format output,
> but also what NGINX spits in debug mode):
>
> POST /cr-bin/mp.exe
> referer: example.com/foobar.html
> content-type: text/json
> content-length: 2345
>
> The actual URL request in this case would have been
> http://your-nginx-server/cr-bin/mp.exe with a POST to there, and that is
> passed through to your system per your proxy_pass rules, etc.
>
> Where your logs are getting "gmer3.itd.sterling.com/home.htm" is from
> that *referer* header.  I.E. you would see "example.com/foobar.html" if
> the referer header in the request was the example above.
>
> This has **nothing** to do with your configuration.  Whatever 'poster' is
> doing to post the items to your system is passing a referer header in the
> POST with the contents "gmer3.itd.sterling.com/home.htm".  If this is
> some other site/system you'll see any number of potential referer items.
> It's also entirely possible that this is your hostname, or something
> specific to your Poster program itself setting the referer header in the
> POST that it sends to your server.
>
> This, again, has nothing to do with your NGINX configuration and
> everything with how Poster is structuring the POST request (including any
> headers it's sending in the request).
>
>
>
> Thomas
>
>
> On 6/3/21 2:52 PM, Benn Boulton wrote:
>
> Hi,
>
>
>
> Currently… The posts are coming from the  same computer that is hosting
> NGINX  that passes the requests to an external server.
>
> Eventually…  NGINX will be run on the same computer with Apache and will
> also function as a load balancer for multiple servers. One being the same
> as NGINX and other external  servers.
>
> The posts are from a custom poster process that is an .EXE run from the
> windows command prompt or a process that calls the POSTER executable.
>
> C:\POSTER> Poster h:http://localhost/cr-bin/mp.exe f:test.txt
>
> h: is the host to send to
>
> f: is the file with the payload to be sent to the final destination which
> is the mp.exe on the server listed in the proxy_pass parameter.
>
>
>
> Everything looks to work as it should.  But the ‘
> gmer3.itd.sterling.com/home.htm’ Log entries are just not what I expect
> to see.
>
> I  am installing NGINX to rate limit a customer that is sending multiple
> posts so fast that we occasionally miss one, and hope this will resolve
> that.
>
> Again, the proxy redirect is working, just the log entries is what
> prompted my asking.
>
>
>
> Thanks,
>
> - Benn
>
> *From:* nginx <nginx-bounces at nginx.org> <nginx-bounces at nginx.org> *On
> Behalf Of *Moshe Katz
> *Sent:* Thursday, June 3, 2021 1:29 PM
> *To:* nginx at nginx.org
> *Subject:* Re: gmer3.itd.sterling.com/home.htm in the access log
>
>
>
> Benn,
>
>
>
> I guess my explanation wasn't clear enough, so I'll try again.
>
>
>
> That value is not coming from anywhere in your server's configuration - it
> has nothing to do with proxy_pass or anything else. It is the value of the
> "Referer" header that is in the incoming request.
>
>
>
> First, are these log lines from requests that you are making to the server
> yourself, or are they coming from someone else?
>
>
>
> If it is your own traffic, where are you making your requests from? Is it
> a page in a web browser, or is it some other tool?
>
>
>
> If it is a web browser, that is usually the URL of the web page that is
> open in the browser. For example, if I have a website at `
> example.com/page.html`
> <https://url.emailprotection.link/?bDBb9TVOKiqDPh_SUvfalWM90G6wcWScPnK_EVq6xVxh-Jq5ndDGgvfcC5U_tqxpluRe5jF35zSgN416HI1RIHw~~>
> with a form on it that submits to your server, the value in that place in
> the logs will be `https://example.com/page.html`
> <https://url.emailprotection.link/?bMe1AJs-bSscT1yazCR9XS0kzX52Qa1-DwoIBV-QK8xxhHB1slVsgthl_uC3ltg7Vu05wQoXQi9lo9go4OQWCbA~~>
> so that your server can see where the request came from.
>
>
>
> Moshe
>
>
>
> On Thu, Jun 3, 2021 at 1:18 PM Benn Boulton <bboulton at skippingstone.com>
> wrote:
>
> Hello Moshe,
>
>
>
> Thanks for the reply.  I guess I was not clear enough in my post.  I know
> the /cr-bin/mp.exe is part of the POST request.
>
>  What I do not understand is where the  gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>
> is coming from. It is not my proxy_pass value.
>
> It is not part of the POST request or part of the nginx proxy_pass or any
> thing I can find in my configuration.
>
>
>
> Is my post being sent to both my proxy_pass value and this site in the
> log? Do I have a hacked nginx?
>
>
>
> -Benn
>
>
>
> *From:* nginx <nginx-bounces at nginx.org> *On Behalf Of *Moshe Katz
> *Sent:* Thursday, June 3, 2021 12:14 PM
> *To:* nginx at nginx.org
> *Subject:* Re: gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>
> in the access log
>
>
>
> Benn,
>
>
>
> That part of the log is not the request URL, it is the referrer header.
> The path that was requested on your server is before that - a POST request
> to "/cr-bin/mp.exe". The referrer (which the HTTP standard actually
> misspells as "referer") is the web page that is making this request to your
> server.
>
>
>
> Moshe
>
>
>
> On Thu, Jun 3, 2021 at 12:08 PM Benn Boulton <bboulton at skippingstone.com>
> wrote:
>
> Hello,
>
> I have just installed the NGINX service to help rate limit connections to
> my Apache server on Windows.
>
> NGNIX 1.19.10 on Windows 10 64 bit
>
>
>
> Everything seems to be working fine but I am getting access log entries
> that I do not understand for the pages I am redirecting.
>
> I am running a process that posts to the server. NGNIX is processing the
> request and passing it to the destination server but it is not
> gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>
> as shown in the access log entries below.
>
> Any Idea why
>
> 127.0.0.1 - t_skipstone [03/Jun/2021:10:30:07 -0400] "POST /cr-bin/mp.exe
> HTTP/1.1" 200 569 "gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>"
> "brow v1.0 CCI"
>
> 127.0.0.1 - t_skipstone [03/Jun/2021:10:31:07 -0400] "POST /cr-bin/mp.exe
> HTTP/1.1" 200 569 "gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>"
> "brow v1.0 CCI"
>
> 127.0.0.1 - t_skipstone [03/Jun/2021:10:33:35 -0400] "POST /cr-bin/mp.exe
> HTTP/1.1" 200 569 "gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>"
> "brow v1.0 CCI"
>
> 127.0.0.1 - t_skipstone [03/Jun/2021:10:37:42 -0400] "POST /cr-bin/mp.exe
> HTTP/1.1" 200 569 "gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>"
> "brow v1.0 CCI"
>
> 127.0.0.1 - t_skipstone [03/Jun/2021:10:55:03 -0400] "POST /cr-bin/mp.exe
> HTTP/1.1" 200 569 "gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>"
> "brow v1.0 CCI"
>
> 127.0.0.1 - t_skipstone [03/Jun/2021:10:56:34 -0400] "POST /cr-bin/mp.exe
> HTTP/1.1" 200 569 "gmer3.itd.sterling.com/home.htm
> <https://url.emailprotection.link/?bD5H3QzZ3V5r-EeQ1owgpRQF9oV5l2NRIm985JaimcuSK9Ouf7HkyYPBjb_5XEDTDFQOhTH2rYvU2h1CLfmBEfM8_cgt7-mqSW8-5oZbZzhsOjFEa1jMAMRarOyYb8wct>"
> "brow v1.0 CCI"
>
>
>
> Thanks
>
> *Benn *
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> <https://url.emailprotection.link/?b0r-C9_AUw48-Ch5rHbhyfCAxCuaEcGez1jSw3TSmi_yMSerkqszEs29ZeJ-9XHhKXFPzhIWSbHbDCNUmj6Tzf9mgNn_Pt2ohe5UJSMuWw0QP3IvnnyCmFlsv4r_rtY2d>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> <https://url.emailprotection.link/?b0r-C9_AUw48-Ch5rHbhyfCAxCuaEcGez1jSw3TSmi_yMSerkqszEs29ZeJ-9XHhKXFPzhIWSbHbDCNUmj6Tzf9mgNn_Pt2ohe5UJSMuWw0QP3IvnnyCmFlsv4r_rtY2d>
>
>
> _______________________________________________
> nginx mailing listnginx at nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210603/1f6bd4e7/attachment-0001.htm>

More information about the nginx mailing list