nginx - get value of the header - x_forwarded_for in Nginx module (Naxsi)
Marcin Kozlowski
marcinguy at gmail.com
Sat Dec 28 14:36:02 UTC 2019
Ignore my last post.
My error.
Thanks,
On Fri, Dec 27, 2019 at 11:42 PM Marcin Kozlowski <marcinguy at gmail.com>
wrote:
> Thanks. Almost got my modifications to NAXSI ready.
>
> But currently have a blocker with getting just the X-Forwarded-for IP
>
> The code below:
>
> ngx_uint_t n;
> ngx_table_elt_t **h;
> ngx_array_t a;
> a = req->headers_in.x_forwarded_for;
> n = a.nelts;
> h = a.elts;
>
>
> for (i = 0; i<n; i++) {
> ngx_log_error(NGX_LOG_ERR, req->connection->log,
> 0, "x_forwarded_for: %s", h[i]->value.data);
> }
>
> gets a String with several IP (i.e client, server, request etc)
>
> Tried to parse the string using strtok(), interating through it .... but
> it segfaults. I guess I am missing some NGINX module knowledge.
>
> How to properly get first string up to first "," from the h[i]->value.data
> using NGINX functions/types or other correct way to do it.
>
> Thanks,
>
>
>
>
>
> On Wed, Dec 25, 2019 at 12:17 PM Ruslan Ermilov <ru at nginx.com> wrote:
>
>> On Tue, Dec 24, 2019 at 08:00:26PM +0100, Marcin Kozlowski wrote:
>> > Thanks.
>> >
>> > Works. For the reference, this is the code I used:
>> >
>> > ngx_uint_t n;
>> > ngx_table_elt_t **h;
>> > ngx_array_t a;
>> > a = req->headers_in.x_forwarded_for;
>> > n = a.nelts;
>> > h = a.elts;
>> >
>> >
>> > for (i = 0; i<n; i++) {
>> > ngx_log_error(NGX_LOG_ERR, req->connection->log,
>> > 0, "x_forwarded_for: %s", h[i]->value.data);
>> > }
>> >
>> > BTW What would be the best practice in NGINX NASIX module or any other
>> > module to load a file with hundreds entries of IPs (hashmap, or what
>> > structure would be best?) which should be whitelisted later for
>> comparison
>> > in NASIX module logic. Those IP should never be blocked by NAXSI.
>> >
>> > When should I load this file in memory, in which component
>> > /module/function/step?
>> >
>> > Links to some guides/sample code would be also appreciated.
>> >
>> > Thanks,
>>
>> http://nginx.org/en/docs/http/ngx_http_geo_module.html
>> _______________________________________________
>> nginx-devel mailing list
>> nginx-devel at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20191228/77f97c4e/attachment.htm>
More information about the nginx-devel
mailing list