nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)

Marcin Kozlowski marcinguy at gmail.com
Mon Dec 23 22:04:43 UTC 2019


Hi List,

How to get x_forwarded_for sent in the request in NGINX module (NAXSI in
particular):

My attempt:

ngx_log_error(NGX_LOG_ERR, req->connection->log,
              0, "test %s", (char *)req->headers_in.x_forwarded_for.elts);

The bigger problem I am trying to solve with NAXSI is this:

https://stackoverflow.com/questions/59453729/naxsi-blacklist-and-whitelist-setup-with-nginx

I want to simply create a map and check if X-forwarded-for is on the
whitelist and if yes, always allow it.

Above does not work. Prints garabge. Why it is (void *) ???

Debugging it:

$1 = (ngx_http_request_t *) 0xa44df0
(gdb) p req->headers_
headers_in   headers_out
(gdb) p req->headers_in
$2 = {headers = {last = 0xa44e60, part = {elts = 0xad4d10, nelts = 7, next
= 0x0}, size = 48, nalloc = 20,
    pool = 0xa44da0}, host = 0xad4d10, connection = 0x0, if_modified_since
= 0x0, if_unmodified_since = 0x0,
  if_match = 0x0, if_none_match = 0x0, user_agent = 0xad4d70, referer =
0x0, content_length = 0x0,
  content_range = 0x0, content_type = 0x0, range = 0x0, if_range = 0x0,
transfer_encoding = 0x0, te = 0x0,
  expect = 0x0, upgrade = 0x0, accept_encoding = 0x0, via = 0x0,
authorization = 0x0, keep_alive = 0x0,
  x_forwarded_for = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool
= 0xa44da0}, x_real_ip = 0x0, user = {
    len = 0, data = 0x0}, passwd = {len = 0, data = 0x0}, cookies = {elts =
0x0, nelts = 0, size = 0, nalloc = 0,
    pool = 0x0}, server = {len = 32, data = 0xa449a9 "domain.com"},
content_length_n = -1,
  keep_alive_n = -1, connection_type = 2, chunked = 0, msie = 0, msie6 = 0,
opera = 0, gecko = 0, chrome = 0,
  safari = 0, konqueror = 0}
(gdb) p req->headers_in.x_forwarded_for
$3 = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool = 0xa44da0}
(gdb) p req->headers_in.x_forwarded_for .elts
$4 = (void *) 0xa45b98
(gdb) p req->headers_in.x_forwarded_for.elts
$5 = (void *) 0xa45b98

What structure is this? Linked List? Why the elts point to garbage, when I
know the Loadbalancer added the X-Forwarded-for header with value.


Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20191223/05ab160b/attachment.htm>


More information about the nginx-devel mailing list