I have a situation where I receive a request like:
http://device.healthcheck.com/ready
I want this to be sent to a server upstream but keep the full request
intact. For example:
server {
resolver 8.8.8.8;
listen 80;
location / {
//
Yeah, it was a network issue. tcpdump helped.
Thanks
> On Dec 18, 2017, at 1:39 PM, Francis Daly wrote:
>
> On Mon, Dec 18, 2017 at 01:31:57PM -0600, Joel Parker wrote:
>
> Hi there,
>
>> network connectivity, firewall, etc. are all configured correctly but still
>
> On Mon, Dec 18, 2017 at 01:21:41PM -0600, Joel Parker wrote:
>
> Hi there,
>
> > I have seen this a lot on google but have not been able to find a
> suitable
> > solution. My firewall is setup correctly.
>
> This looks like something that nginx can not do anythi
I have seen this a lot on google but have not been able to find a suitable
solution. My firewall is setup correctly.
I am listening on port 80
netstat -anltp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program n
I want to load a table of key/value pairs from the file system when nginx
starts and not every time a request comes in. I am going to use the
key/value pairs to compare against incoming post args in my location block.
My question is how many times is init_by_lua_block called ? or is there
somewher
I am trying to load a table from disk (deserialize) into memory and then
add, change, remove the values in the table then write it periodically back
to disk (serialize). I looked at the documentation for the ngx.shared.DICT (
https://github.com/openresty/lua-nginx-module#ngxshareddict) and it seems
I am using lua to parse out the username of the posted form and if the
username == user and password == password.
I want to change the URI to http://www.somesite.com//forum/unauthorized.html
otherwise, I want it just to do:
proxy_pass http://$http_host$uri$is_args$args;
(http://somesite.com.com/
I have configured nginx-1.9.2 to evaluate a third party module and
configure the source like this:
./configure --add-module=../ngx_http_proxy_connect_module-master/
--add-module=../lua-5.1.4/ --with-http_ssl_module
After compiling the version shows what I configured:
# nginx -V
nginx version: n
how can I compile them as external modules (shared objects) ?
Joel Parker
On Tue, May 30, 2017 at 10:22 AM, Maxim Dounin wrote:
> Hello!
>
> On Tue, May 30, 2017 at 10:14:32AM -0500, Joel Parker wrote:
>
> > I am running centos7 and am compiling the lua module and the n
I am running centos7 and am compiling the lua module and the ndk http
module. Everything seems to be configured correctly but after I do a make
and make install, the modules directory doesn't exist and there are no sign
of the shared libraries :
ndk_http_module.so
ngx_http_ula_module.so
Here is
I am running centos7 and am compiling the lua module and the ndk http
module. Everything seems to be configured correctly but after I do a make
and make install, the modules directory doesn't exist and there are no sign
of the shared libraries :
ndk_http_module.so
ngx_http_ula_module.so
Here is
I wanted to see if there was a way to log a request and response in
separate file, so that I end up with something like this:
request_1.log
response_1.log
request_2.log
response_2.log
request_3.log
response_3.log
..
Is there a way to do this ?
Joel
__
So it sounds like if I want to decrypt incoming traffic and upstream
traffic I would put them in the same block like this ?
server {
##
# This is acting like the server side to decrypt the incoming
traffic
I am reading this doc : https://www.nginx.com/blog/nginx-ssl/ and it shows
how to either terminate (de-crypt) ssl or how to receive un-encrypted
traffic over port 80 for example and encrypt it before sending to the
upstream servers.
>From the doc:
listen 443 *ssl*;
*** tells nginx to decrypt th
I have a set directive inside an http block which I thought was valid but
when I run config -t it says the nginx: [emerg] "set" directive is not
allowed here.
http {
log_format bodylog '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_ref
_lua block does), and then
> proxy_pass that traffic to your upstream as normal. Stream blocks are for
> arbitrary TCP/UDP streams; they have no knowledge of layer 7 HTTP data.
>
> BTW it's very bad practice to buffer the whole request body like that ;)
>
>
> On Tue, Apr 2
accomplish this.
Joel
On Tue, Apr 25, 2017 at 1:49 PM, Robert Paprocki <
rpapro...@fearnothingproductions.net> wrote:
> No. stream {} and http {} blocks are mutually exclusive.
>
> What exactly are you trying to accomplish with stream?
>
> On Tue, Apr 25, 2017 at 11:46 AM,
_format
>
>
> Syntax: *log_format* *name* [escape=default|json] *string* ...;
> Default:
>
> log_format combined "...";
>
> Context: http
>
>
>
> On Tue, Apr 25, 2017 at 11:32 AM, Joel Parker
> wrote:
>
>> I am trying to log all request /
I am trying to log all request / response in a stream with a lua script I
found in git hub and am having issues figuring out where to put the
log_format directive. Here is what I currently have :
stream {
log_format bodylog '$remote_addr - $remote_user [$time_local] '
'"$request" $statu
I'm still trying to figure this all out. I am just going to remove
default_server for now like you suggested. The config checker doesn't
complain anymore ... we'll see if it works.
Joel
On Mon, Apr 24, 2017 at 2:10 PM, Joel Parker
wrote:
> I have many servers sending ssl wh
I have many servers sending ssl which I am trying to terminate. So I wanted
to create a statement that was a catch all instead of listening for each ip
address. I thought this would do it :
server {
listen 443 ssl default_server;
..
}
but when I run nginx -t, I keep getting the erro
I guess logging would work I just need to capture the full request and
response to replay later. Is there a standard way to do this or plugin
available ?
On Fri, Apr 21, 2017 at 10:42 AM, Joel Parker
wrote:
> The only other thing I was thinking of was to double proxy through
> localhos
s.net> wrote:
> Is what compatible? Nginx logging? I don't think so, Nginx logs are
> intended to be human readable. Related docs: http://nginx.org/en/
> docs/http/ngx_http_log_module.html#log_format
>
> On Fri, Apr 21, 2017 at 8:25 AM, Joel Parker
> wrote:
>
>> Is
Is it compatible with something like log2pcap ? or I just need to set the
format somehow to be compatible with it.
Joel Parker
On Fri, Apr 21, 2017 at 10:21 AM, Robert Paprocki <
rpapro...@fearnothingproductions.net> wrote:
> Unless wireshark has access to the private key (and PFC isn&
I currently have a config that allows me to terminate TLSv1.2 and decrypt
it. Then it re-encrypts the packets with a different cert before sending to
the upstream servers. I want to "look" at the decrypted packets before they
are encrypted but I am not sure the best way to accomplish this.
I currently have a config that allows me to terminate TLSv1.2 and decrypt
it. Then it re-encrypts the packets with a different cert before sending to
the upstream servers. I want to "look" at the decrypted packets before they
are encrypted but I am not sure the best way to accomplish this.
26 matches
Mail list logo