nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)
Ruslan Ermilov
ru at nginx.com
Tue Dec 24 09:37:42 UTC 2019
On Mon, Dec 23, 2019 at 11:04:43PM +0100, Marcin Kozlowski wrote:
> Hi List,
>
> How to get x_forwarded_for sent in the request in NGINX module (NAXSI in
> particular):
>
> My attempt:
>
> ngx_log_error(NGX_LOG_ERR, req->connection->log,
> 0, "test %s", (char *)req->headers_in.x_forwarded_for.elts);
>
> The bigger problem I am trying to solve with NAXSI is this:
>
> https://stackoverflow.com/questions/59453729/naxsi-blacklist-and-whitelist-setup-with-nginx
>
> I want to simply create a map and check if X-forwarded-for is on the
> whitelist and if yes, always allow it.
>
> Above does not work. Prints garabge. Why it is (void *) ???
>
> Debugging it:
>
> $1 = (ngx_http_request_t *) 0xa44df0
> (gdb) p req->headers_
> headers_in headers_out
> (gdb) p req->headers_in
> $2 = {headers = {last = 0xa44e60, part = {elts = 0xad4d10, nelts = 7, next
> = 0x0}, size = 48, nalloc = 20,
> pool = 0xa44da0}, host = 0xad4d10, connection = 0x0, if_modified_since
> = 0x0, if_unmodified_since = 0x0,
> if_match = 0x0, if_none_match = 0x0, user_agent = 0xad4d70, referer =
> 0x0, content_length = 0x0,
> content_range = 0x0, content_type = 0x0, range = 0x0, if_range = 0x0,
> transfer_encoding = 0x0, te = 0x0,
> expect = 0x0, upgrade = 0x0, accept_encoding = 0x0, via = 0x0,
> authorization = 0x0, keep_alive = 0x0,
> x_forwarded_for = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool
> = 0xa44da0}, x_real_ip = 0x0, user = {
> len = 0, data = 0x0}, passwd = {len = 0, data = 0x0}, cookies = {elts =
> 0x0, nelts = 0, size = 0, nalloc = 0,
> pool = 0x0}, server = {len = 32, data = 0xa449a9 "domain.com"},
> content_length_n = -1,
> keep_alive_n = -1, connection_type = 2, chunked = 0, msie = 0, msie6 = 0,
> opera = 0, gecko = 0, chrome = 0,
> safari = 0, konqueror = 0}
> (gdb) p req->headers_in.x_forwarded_for
> $3 = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool = 0xa44da0}
> (gdb) p req->headers_in.x_forwarded_for .elts
> $4 = (void *) 0xa45b98
> (gdb) p req->headers_in.x_forwarded_for.elts
> $5 = (void *) 0xa45b98
>
> What structure is this? Linked List? Why the elts point to garbage, when I
> know the Loadbalancer added the X-Forwarded-for header with value.
It's an array of type ngx_table_elt_t, the number of elements is
in "nelts". Please see the handler for the $http_x_forwarded_for
variable in the ngx_http_variables.c on how to work with it.
More information about the nginx-devel
mailing list