X-FORWARDED-FOR and logs
Stefan Lambrev <stefan.lambrev(at)sun-fish.com>
2008-01-08 13:14:28
Hi,

Is there any way to have the X-FORWARDED-FOR header logged (in pound logs)?
I know pound (2.3.2) has a few predefined log formats, but it will be good if one
can log X-Forwarded-For, in the rare cases when pound runs behind a proxy.

If this is not possible, please treat this mail as a feature request :)

Thanks in advance and happy new year!
[...]

Re: [Pound Mailing List] X-FORWARDED-FOR and logs
"Adam Lis" <adam.lis(at)gmail.com>
2008-01-09 16:40:33
2008/1/8, Stefan Lambrev <stefan.lambrev(at)sun-fish.com>:[...]

Hi!

In fact, changing the sources to achieve this is not really hard.
I'm a sysadmin and do not use C on a daily basis. I managed ;-)

in pound.h
1. Add "#define HEADER_X_FORWARDED_FOR      11"

in svc.c
1. add HEADER_X_FORWARDED_FOR into function check_header

in http.c
1. add variable - in my code it's xforwardal[MAXBUF]
2. init above variable with '\0'
3. do the magic in case construction that read headers

+            case HEADER_X_FORWARDED_FOR:
+                strcpy(xforwardal, buf);
+                break;

4. modify argument for logmsg function. I just switched "caddr" into
"xforwardal"

Code below (w/o any responsibility):

adamlis(at)site:/usr/local/src/Pound-2.3.2-front$ find . -name "*.h"
-exec diff -ruN {} ../Pound-2.3.2-mid_a/{} \;
--- ./pound.h   2007-11-24 00:37:26.000000000 +0000
+++ ../Pound-2.3.2-mid_a/./pound.h      2007-11-27 23:03:19.000000000 +0000
(at)(at) -385,6 +385,7 (at)(at)
 #define HEADER_USER_AGENT           8
 #define HEADER_URI                  9
 #define HEADER_DESTINATION          10
+#define HEADER_X_FORWARDED_FOR      11

 /* control request stuff */
 typedef enum    {
adamlis(at)site:/usr/local/src/Pound-2.3.2-front$

adamlis(at)site:/usr/local/src/Pound-2.3.2-front$ find . -name "*.c"
-exec diff -ruN {} ../Pound-2.3.2-mid_a/{} \;
--- ./svc.c     2007-05-18 09:34:53.000000000 +0100
+++ ../Pound-2.3.2-mid_a/./svc.c        2007-11-27 23:03:50.000000000 +0000
(at)(at) -369,6 +369,7 (at)(at)
         { "Referer",            7,  HEADER_REFERER },
         { "User-agent",         10, HEADER_USER_AGENT },
         { "Destination",        11, HEADER_DESTINATION },
+        { "X-Forwarded-For",    15, HEADER_X_FORWARDED_FOR },
         { "",                   0,  HEADER_OTHER },
     };
     int i;
--- ./http.c    2007-05-18 09:34:53.000000000 +0100
+++ ../Pound-2.3.2-mid_a/./http.c       2007-11-27 23:02:47.000000000 +0000
(at)(at) -451,7 +451,7 (at)(at)
     X509                *x509;
     char                request[MAXBUF], response[MAXBUF],
buf[MAXBUF], url[MAXBUF], loc_path[MAXBUF], **headers,
                         headers_ok[MAXHEADERS], v_host[MAXBUF],
referer[MAXBUF], u_agent[MAXBUF], u_name[MAXBUF],
-                        caddr[MAXBUF], req_time[LOG_TIME_SIZE],
s_res_bytes[LOG_BYTES_SIZE], *mh;
+                        caddr[MAXBUF], req_time[LOG_TIME_SIZE],
s_res_bytes[LOG_BYTES_SIZE], xforwardal[MAXBUF], *mh;
     SSL                 *ssl;
     long                cont, res_bytes;
     struct sockaddr_in  *srv;
(at)(at) -546,7 +546,7 (at)(at)

     for(cl_11 = be_11 = 0;;) {
         res_bytes = 0L;
-        v_host[0] = referer[0] = u_agent[0] = u_name[0] = '\0';
+        v_host[0] = referer[0] = u_agent[0] = u_name[0] = xforwardal[0] =
'\0';
         conn_closed = 0;
         for(n = 0; n < MAXHEADERS; n++)
             headers_ok[n] = 1;
(at)(at) -602,6 +602,9 (at)(at)
             case HEADER_USER_AGENT:
                 strcpy(u_agent, buf);
                 break;
+            case HEADER_X_FORWARDED_FOR:
+                strcpy(xforwardal, buf);
+                break;
             case HEADER_CONNECTION:
                 if(!strcasecmp("close", buf))
                     conn_closed = 1;
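
Review bot: the new `case HEADER_X_FORWARDED_FOR:` copies with `strcpy(xforwardal, buf);` and no length check, on a value the client controls. Both arrays are declared with MAXBUF in the first http.c hunk, so the copy is only safe if `buf` is guaranteed to hold a NUL-terminated string shorter than MAXBUF at this point, which these lines do not show. A bounded copy such as `snprintf(xforwardal, sizeof(xforwardal), "%s", buf);` removes that dependency. Note also that each matching header overwrites `xforwardal`, so a request carrying several X-Forwarded-For headers would log only the last one.
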
(at)(at) -1235,7 +1238,7 (at)(at)
         case 5:
             logmsg(LOG_INFO, "%s %s - %s [%s] \"%s\" %c%c%c %s \"%s\"
\"%s\" (%s -> %s) %.3f sec",
                 v_host[0]? v_host: "-",
-                caddr, u_name[0]? u_name: "-", req_time, request,
response[9], response[10],
+                xforwardal[0]? xforwardal: "0.0.0.0", u_name[0]?
u_name: "-", req_time, request, response[9], response[10],
                 response[11], s_res_bytes, referer, u_agent,
svc->name[0]? svc->name: "-", buf,
                 (end_req - start_req) / 1000000.0);
             break;
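
Review bot: in the `case 5:` format the peer address `caddr` is dropped from the log line altogether and replaced by the header value, with `"0.0.0.0"` when the header is absent. X-Forwarded-For is supplied by the sender, so the log no longer records any address that Pound itself observed, and requests without the header lose their source entirely. Suggest falling back to `caddr` instead of `"0.0.0.0"`, or logging both fields side by side. Only `case 5:` is touched in this hunk, so any other log format keeps its current behaviour.
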
adamlis(at)site:/usr/local/src/Pound-2.3.2-front$

Re: [Pound Mailing List] X-FORWARDED-FOR and logs
Stefan Lambrev <stefan.lambrev(at)sun-fish.com>
2008-01-09 17:21:31
Hi,

Thanks for the patch Adam.
I'll take a look at it.
Just one more question, what will happen if someone sends a crafted
X-Forwarded-For header long enough to overflow the limit?
I think X-Forwarded-For needs special treatment, but I can be wrong.

Adam Lis wrote:[...][...][...]
[...]

Re: [Pound Mailing List] X-FORWARDED-FOR and logs
Dave Steinberg <dave(at)redterror.net>
2008-01-09 17:56:32
Stefan Lambrev wrote:[...]

I was thinking the *exact* same thing.

Robert - how welcome would a "safe string" patch be?  I'd be happy to 
work something up using OpenBSD's strlcpy() functions, but I am not 
immediately sure of the portability problems this presents.

The Wikipedia article is pretty good:

http://en.wikipedia.org/wiki/Strlcpy

Maybe this would be good after 2.4 moves to stable, as a first step 
in the next beta series?

Regards,[...]
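
The bounded copy discussed in the last two messages, as an added example that is not part of the thread and not Pound's code: a portable stand-in for `strlcpy()` that needs no platform support, used to store a header value and detect truncation. The names `bounded_copy` and `save_header_for_log` and the `MAXBUF` value are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define MAXBUF 4096 /* assumed size for this example; Pound defines its own */

/* Portable stand-in for strlcpy(): copies at most size-1 bytes, always
 * NUL-terminates when size > 0, and returns strlen(src) so the caller
 * can detect truncation (result >= size). */
static size_t bounded_copy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);

    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Hypothetical helper: keep a header value for logging. Returns 1 if it
 * was stored whole; on truncation returns 0 and leaves dst empty, so the
 * logger takes its "header absent" path instead of logging a cut value. */
static int save_header_for_log(char *dst, size_t size, const char *value)
{
    if (bounded_copy(dst, value, size) >= size) {
        if (size > 0)
            dst[0] = '\0';
        return 0;
    }
    return 1;
}

int main(void)
{
    char xff[MAXBUF], oversized[2 * MAXBUF];

    /* Constructed inputs: a normal value and one longer than the buffer. */
    memset(oversized, 'A', sizeof(oversized) - 1);
    oversized[sizeof(oversized) - 1] = '\0';

    printf("normal:    stored=%d\n", save_header_for_log(xff, sizeof(xff), "192.0.2.10"));
    printf("oversized: stored=%d\n", save_header_for_log(xff, sizeof(xff), oversized));
    return 0;
}
```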
