N00b - logging stream request / response

Robert Paprocki rpaprocki at fearnothingproductions.net
Tue Apr 25 19:00:25 UTC 2017


Just set up a server {} block that accepts TLS connections. This is exactly
what proxy_pass is for :) You can log whatever HTTP data you need via Nginx
(just as your log_format and content_by_lua block does), and then
proxy_pass that traffic to your upstream as normal. Stream blocks are for
arbitrary TCP/UDP streams; they have no knowledge of layer 7 HTTP data.

BTW it's very bad practice to buffer the whole request body like that ;)

On Tue, Apr 25, 2017 at 11:52 AM, Joel Parker <joel.parker.gm at gmail.com>
wrote:

> What I am trying to do is create an open proxy that listens to TLS from
> many servers and decrypts the traffic with the appropriate keys, log the
> decrypted request / response then re-encrypt with different certs and send
> to an upstream server. My thought was that a stream block would help me
> accomplish this.
>
> Joel
>
> On Tue, Apr 25, 2017 at 1:49 PM, Robert Paprocki <
> rpaprocki at fearnothingproductions.net> wrote:
>
>> No. stream {} and http {} blocks are mutually exclusive.
>>
>> What exactly are you trying to accomplish with stream?
>>
>> On Tue, Apr 25, 2017 at 11:46 AM, Joel Parker <joel.parker.gm at gmail.com>
>> wrote:
>>
>>> So can I have a hierarchy like this?
>>>
>>> http {
>>>       // log format
>>>     stream {
>>>           server {
>>>              // access log
>>>          }
>>>     }
>>> }
>>>
>>> On Tue, Apr 25, 2017 at 1:38 PM, Robert Paprocki <
>>> rpaprocki at fearnothingproductions.net> wrote:
>>>
>>>> What you're doing doesn't quite make sense. You're trying to log HTTP
>>>> data inside a stream block. That doesn't work. There's no such concept of
>>>> $status, $http_referer, etc, inside a stream {} block.
>>>>
>>>> Have a read of the log_format docs:
>>>> http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
>>>>
>>>>
>>>> Syntax: *log_format* *name* [escape=default|json] *string* ...;
>>>> Default:
>>>>
>>>> log_format combined "...";
>>>>
>>>> Context: http
>>>>
>>>>
>>>>
>>>> On Tue, Apr 25, 2017 at 11:32 AM, Joel Parker <joel.parker.gm at gmail.com> wrote:
>>>>
>>>>> I am trying to log all request / response in a stream with a Lua
>>>>> script I found in GitHub and am having issues figuring out where to put
>>>>> the log_format directive. Here is what I currently have:
>>>>>
>>>>> stream {
>>>>>
>>>>>     log_format bodylog '$remote_addr - $remote_user [$time_local] '
>>>>>       '"$request" $status $body_bytes_sent '
>>>>>       '"$http_referer" "$http_user_agent" $request_time '
>>>>>       '<"$request_body" >"$resp_body"';
>>>>>
>>>>>      lua_need_request_body on;
>>>>>
>>>>>      set $resp_body "";
>>>>>      body_filter_by_lua '
>>>>>         local resp_body = ngx.arg[1]
>>>>>         ngx.ctx.buffered = (ngx.ctx.buffered or "") .. resp_body
>>>>>         if ngx.arg[2] then
>>>>>            ngx.var.resp_body = ngx.ctx.buffered
>>>>>         end
>>>>>        ';
>>>>>
>>>>> ......
>>>>>
>>>>> }
>>>>>
>>>>> _______________________________________________
>>>>> nginx mailing list
>>>>> nginx at nginx.org
>>>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>>>
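The layout recommended in the reply at the top of this message (an http {} server block that terminates TLS, logs via log_format and Lua, then uses proxy_pass to re-encrypt to the upstream), sketched as an added example that is not code from the thread or from the nginx project. It assumes nginx built with lua-nginx-module (OpenResty); hostnames, file paths and the 64k / 4096-byte caps are placeholder assumptions, the caps being there so that bodies are not buffered without limit.

```nginx
events {}

http {
    # $request_body is only populated when the body was read into a memory buffer.
    log_format bodylog '$remote_addr - $remote_user [$time_local] '
                       '"$request" $status $body_bytes_sent '
                       '"$http_referer" "$http_user_agent" $request_time '
                       '<"$request_body" >"$resp_body"';

    server {                                   # one such block per TLS name / key pair
        listen 443 ssl;
        server_name front.example.test;                 # placeholder name
        ssl_certificate     /etc/nginx/tls/front.crt;   # placeholder paths
        ssl_certificate_key /etc/nginx/tls/front.key;
        access_log /var/log/nginx/bodylog.log bodylog;

        # Bound the request body and keep it in memory so $request_body is set.
        client_max_body_size    64k;
        client_body_buffer_size 64k;
        lua_need_request_body on;

        set $resp_body "";
        body_filter_by_lua_block {
            -- Keep at most `limit` bytes of the response for the log line.
            local limit = 4096
            local buf = ngx.ctx.buffered or ""
            if #buf < limit then
                buf = buf .. string.sub(ngx.arg[1], 1, limit - #buf)
                ngx.ctx.buffered = buf
            end
            if ngx.arg[2] then                 -- last chunk of the response
                ngx.var.resp_body = buf
            end
        }

        location / {
            proxy_pass https://backend.example.test;    # placeholder upstream
            proxy_ssl_certificate         /etc/nginx/tls/client.crt;
            proxy_ssl_certificate_key     /etc/nginx/tls/client.key;
            proxy_ssl_trusted_certificate /etc/nginx/tls/upstream-ca.crt;
            proxy_ssl_verify      on;
            proxy_ssl_server_name on;
        }
    }
}
```

The access log written by this configuration contains decrypted request and response bodies, so it needs the same access controls as the traffic it records.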