<div dir="ltr"><div>What I am trying to do is create an open proxy that listens to TLS from many servers and de-crypts the traffic with the appropriate keys, log the de-crytped request / response then re-encrypt with different certs and send to an upstream server. My thought was theat a stream block would help me accomplish this.<br><br></div>Joel<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Apr 25, 2017 at 1:49 PM, Robert Paprocki <span dir="ltr"><<a href="mailto:rpaprocki@fearnothingproductions.net" target="_blank">rpaprocki@fearnothingproductions.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">No. stream {} and http {} blocks are mutually exclusive.<br><div><br></div><div>What exactly are you trying to accomplish with stream?</div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Apr 25, 2017 at 11:46 AM, Joel Parker <span dir="ltr"><<a href="mailto:joel.parker.gm@gmail.com" target="_blank">joel.parker.gm@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div>so can I have a hierarchy like this ?<br><br></div>http {<br></div><div> // log format<br></div> stream {<br></div> server {<br></div> // access log<br><div> }<br><div> }<br><div>}<br></div></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Apr 25, 2017 at 1:38 PM, Robert Paprocki <span dir="ltr"><<a href="mailto:rpaprocki@fearnothingproductions.net" target="_blank">rpaprocki@fearnothingproducti<wbr>ons.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>What you're doing doesn't quite make sense. You're trying to log HTTP data inside a stream block. That doesn't work. There's no such concept of $status, $http_referer, etc, inside a stream {} block.</div><div><br></div>Have a read of the log_format docs: <a href="http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format" target="_blank">http://nginx.org/en/docs<wbr>/http/ngx_http_log_module.html<wbr>#log_format</a><br><br><br class="m_-5797128594644303429m_-472930783172187996m_7396095321503525620gmail-Apple-interchange-newline"><table style="color:rgb(0,0,0);font-family:sans-serif;font-size:medium" cellspacing="0"><tbody><tr><th style="padding-left:0px;padding-right:0.5em;vertical-align:baseline;text-align:left;font-weight:normal">Syntax:</th><td style="vertical-align:baseline"><code><strong>log_format</strong> <code><i>name</i></code> [<code>escape</code>=<code>defaul<wbr>t</code>|<code>json</code>] <code><i>string</i></code> ...;</code><br></td></tr><tr><th style="padding-left:0px;padding-right:0.5em;vertical-align:baseline;text-align:left;font-weight:normal">Default:</th><td style="vertical-align:baseline"><pre style="padding:0px;margin-top:0px;margin-bottom:0px">log_format combined "...";</pre></td></tr><tr><th style="padding-left:0px;padding-right:0.5em;vertical-align:baseline;text-align:left;font-weight:normal">Context:</th><td style="vertical-align:baseline"><code>http<br><br><br></code></td></tr></tbody></table></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_-5797128594644303429m_-472930783172187996h5">On Tue, Apr 25, 2017 at 11:32 AM, Joel Parker <span dir="ltr"><<a href="mailto:joel.parker.gm@gmail.com" target="_blank">joel.parker.gm@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="m_-5797128594644303429m_-472930783172187996h5"><div dir="ltr">I am trying to log all request / response in a stream with a lua script I found in git hub and am having issues figuring out where to put the log_format directive. Here is what I currently have :<br><br>stream {<br><br> log_format bodylog '$remote_addr - $remote_user [$time_local] '<br> '"$request" $status $body_bytes_sent '<br> '"$http_referer" "$http_user_agent" $request_time '<br> '<"$request_body" >"$resp_body"';<br><br> lua_need_request_body on;<br><br> set $resp_body "";<br> body_filter_by_lua '<br> local resp_body = ngx.arg[1]<br> ngx.ctx.buffered = (ngx.ctx.buffered or "") .. resp_body<br> if ngx.arg[2] then<br> ngx.var.resp_body = ngx.ctx.buffered<br> end<br> ';<br><br>......<br><br>}<br></div>
<br></div></div>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br></blockquote></div><br></div>
<br>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br></blockquote></div><br></div>
<br>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx</a><br></blockquote></div><br></div>