Closed GoogleCodeExporter closed 8 years ago
Hi,
Could you provide your nginx configuration ? Especially your DeniedUrl location.
It's normal behavior for nx_intercept to exit after using the -a switch (it
just adds the signature to monitor to the database). For now, the signature is
only stocked in the database and nothing is displayed on the web interface,
I'll try to add that to the web interface soon.
nx_intercept doesn't populate /tmp/naxsi_rules.tmp anymore (we should probably
remove this part from the wiki). Now, it will store all the exceptions in a
database (naxsi_sig if you use the default settings), and you will be able to
view the whitelist using nx_extract.
Original comment by sephirot...@gmail.com
on 20 Jun 2012 at 9:08
Hello!
Thank you for your quick answer I have attached both the nginx config and the
/sites-enabled/default file.
So nx_intercept should store the exceptions in my mysql database or somewhere
else?
Thanks again!
Original comment by prizem...@gmail.com
on 20 Jun 2012 at 10:33
Attachments:
[deleted comment]
when I start nx_intercept -c naxsi-ui-learning.conf -a ip:I - it stops and i
see that the error log contains something like this: " [error] 10481#0: *10
connect() failed (111: Connection refused) while connecting to upstream |
upstream: "http://127.0.0.1:8080/RequestDenied "
However when I exclude the - a it produces log like this but still no data to
the mysql db:
NAXSI_FMT:
ip=85.67.16.131&server=domain.com&uri=/bblabla/&total_processed=8&total_blocked=
1&zone0=ARGS&id0=1000&var_name0=a&zone1=ARGS ....
Hope I could provide more info about my issue.
Thank you!
Original comment by prizem...@gmail.com
on 20 Jun 2012 at 2:00
when using the 0.47 code base on Ubuntu 12.04 the db populates after the first
hit
Original comment by da...@heidt.biz
on 16 Jul 2012 at 12:52
Can we consider the issue as closed, or do you still face the problem ?
Original comment by ori...@gmail.com
on 1 Aug 2012 at 5:35
I have had same problem.
Import command "python nx_intercept.py -c naxsi-ui-learning.conf -l
/var/log/nginx/error.log"
I tried on Debian, versions of nginx-naxsi-ui 1.2.1-2~bpo60+1 and
1.2.3-1~dotdeb.0.
Import finished successfully, but MySQL haven't any data.
During import, db was filled, after done was empty. Autoincrement in collums
matches number of NAXSI_FMT's entries in nginx error log. According MySQl query
log, import runs ok. If I rerun query from log, insert was successful.
Any help will be appreciated.
Original comment by ales.bo...@gmail.com
on 23 Aug 2012 at 12:07
Hello,
Can you please provide your logfile ?
I don't see what can happen here.
Please as well give a try for 0.49rc1 if you still face the problem.
Thanks
Original comment by ori...@gmail.com
on 28 Aug 2012 at 5:55
I guess python script is not opening auto commit connection to mysql, as a
result you need to do commit yourself.
Attached diff that adds COMMIT command after inserting rows into mysql. This
will work on other databases as well.
Original comment by artiom.l...@gmail.com
on 30 Aug 2012 at 11:45
Attachments:
Hello,
As far as I know, MySQL has auto-commit enabled by default, and we didn't
explicitly ask for non auto-commit connection, so we shouldn't have to use
commit statement.
Plus, I just did some test and I cannot reproduce your issue.
Could you please provide some more details about your configuration (debug,
python, mysql, nginx etc.) and/or a reproducible test set ?
Anyway, thanks for the patch, but I'm a bit reluctant to apply it, I'd like to
evaluate the possible implications of this first.
Best regards,
Original comment by ori...@gmail.com
on 30 Aug 2012 at 12:06
Original comment by ori...@gmail.com
on 11 Oct 2012 at 11:10
Original issue reported on code.google.com by
prizem...@gmail.com
on 19 Jun 2012 at 7:01