On Mon, Dec 23, 2019 at 11:04:43PM +0100, Marcin Kozlowski wrote: > Hi List, > > How to get x_forwarded_for sent in the request in NGINX module (NAXSI in > particular): > > My attempt: > > ngx_log_error(NGX_LOG_ERR, req->connection->log, > 0, "test %s", (char *)req->headers_in.x_forwarded_for.elts); > > The bigger problem I am trying to solve with NAXSI is this: > > https://stackoverflow.com/questions/59453729/naxsi-blacklist-and-whitelist-setup-with-nginx > > I want to simply create a map and check if X-forwarded-for is on the > whitelist and if yes, always allow it. > > Above does not work. Prints garabge. Why it is (void *) ??? > > Debugging it: > > $1 = (ngx_http_request_t *) 0xa44df0 > (gdb) p req->headers_ > headers_in headers_out > (gdb) p req->headers_in > $2 = {headers = {last = 0xa44e60, part = {elts = 0xad4d10, nelts = 7, next > = 0x0}, size = 48, nalloc = 20, > pool = 0xa44da0}, host = 0xad4d10, connection = 0x0, if_modified_since > = 0x0, if_unmodified_since = 0x0, > if_match = 0x0, if_none_match = 0x0, user_agent = 0xad4d70, referer = > 0x0, content_length = 0x0, > content_range = 0x0, content_type = 0x0, range = 0x0, if_range = 0x0, > transfer_encoding = 0x0, te = 0x0, > expect = 0x0, upgrade = 0x0, accept_encoding = 0x0, via = 0x0, > authorization = 0x0, keep_alive = 0x0, > x_forwarded_for = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool > = 0xa44da0}, x_real_ip = 0x0, user = { > len = 0, data = 0x0}, passwd = {len = 0, data = 0x0}, cookies = {elts = > 0x0, nelts = 0, size = 0, nalloc = 0, > pool = 0x0}, server = {len = 32, data = 0xa449a9 "domain.com"}, > content_length_n = -1, > keep_alive_n = -1, connection_type = 2, chunked = 0, msie = 0, msie6 = 0, > opera = 0, gecko = 0, chrome = 0, > safari = 0, konqueror = 0} > (gdb) p req->headers_in.x_forwarded_for > $3 = {elts = 0xa45b98, nelts = 1, size = 8, nalloc = 1, pool = 0xa44da0} > (gdb) p req->headers_in.x_forwarded_for .elts > $4 = (void *) 0xa45b98 > (gdb) p req->headers_in.x_forwarded_for.elts > $5 = (void *) 0xa45b98 > > What structure is this? Linked List? Why the elts point to garbage, when I > know the Loadbalancer added the X-Forwarded-for header with value.
It's an array of type ngx_table_elt_t, the number of elements is in "nelts". Please see the handler for the $http_x_forwarded_for variable in the ngx_http_variables.c on how to work with it. _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
