N00b - logging stream request / response
Joel Parker
joel.parker.gm at gmail.com
Tue Apr 25 18:52:41 UTC 2017
What I am trying to do is create an open proxy that listens to TLS from
many servers and de-crypts the traffic with the appropriate keys, log the
de-crytped request / response then re-encrypt with different certs and send
to an upstream server. My thought was theat a stream block would help me
accomplish this.
Joel
On Tue, Apr 25, 2017 at 1:49 PM, Robert Paprocki <
rpaprocki at fearnothingproductions.net> wrote:
> No. stream {} and http {} blocks are mutually exclusive.
>
> What exactly are you trying to accomplish with stream?
>
> On Tue, Apr 25, 2017 at 11:46 AM, Joel Parker <joel.parker.gm at gmail.com>
> wrote:
>
>> so can I have a hierarchy like this ?
>>
>> http {
>> // log format
>> stream {
>> server {
>> // access log
>> }
>> }
>> }
>>
>> On Tue, Apr 25, 2017 at 1:38 PM, Robert Paprocki <
>> rpaprocki at fearnothingproductions.net> wrote:
>>
>>> What you're doing doesn't quite make sense. You're trying to log HTTP
>>> data inside a stream block. That doesn't work. There's no such concept of
>>> $status, $http_referer, etc, inside a stream {} block.
>>>
>>> Have a read of the log_format docs: http://nginx.org/en/docs
>>> /http/ngx_http_log_module.html#log_format
>>>
>>>
>>> Syntax: *log_format* *name* [escape=default|json] *string* ...;
>>> Default:
>>>
>>> log_format combined "...";
>>>
>>> Context: http
>>>
>>>
>>>
>>> On Tue, Apr 25, 2017 at 11:32 AM, Joel Parker <joel.parker.gm at gmail.com>
>>> wrote:
>>>
>>>> I am trying to log all request / response in a stream with a lua script
>>>> I found in git hub and am having issues figuring out where to put the
>>>> log_format directive. Here is what I currently have :
>>>>
>>>> stream {
>>>>
>>>> log_format bodylog '$remote_addr - $remote_user [$time_local] '
>>>> '"$request" $status $body_bytes_sent '
>>>> '"$http_referer" "$http_user_agent" $request_time '
>>>> '<"$request_body" >"$resp_body"';
>>>>
>>>> lua_need_request_body on;
>>>>
>>>> set $resp_body "";
>>>> body_filter_by_lua '
>>>> local resp_body = ngx.arg[1]
>>>> ngx.ctx.buffered = (ngx.ctx.buffered or "") .. resp_body
>>>> if ngx.arg[2] then
>>>> ngx.var.resp_body = ngx.ctx.buffered
>>>> end
>>>> ';
>>>>
>>>> ......
>>>>
>>>> }
>>>>
>>>> _______________________________________________
>>>> nginx mailing list
>>>> nginx at nginx.org
>>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>>
>>>
>>>
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170425/004a8807/attachment-0001.html>
More information about the nginx
mailing list