not adding datas to mysql

[GoogleCodeExporter]

What steps will reproduce the problem?
1.starting nx_intercept.py -c naxsi-ui-learning.conf
2.starting nx_extract.py naxsi-ui-learning.conf
3. checking web ui

What is the expected output? What do you see instead?
I see no datas/hits in my web interface

What version of the product are you using? On what operating system?
ubuntu 12.04- naxsi: 0.46-1

Please provide any additional informatin below.
nx_intercept seems running, but when I add -a ip:myip its just runs for a 
second then stops.

Also, learnign daemon nx_intercept starts when not entering ip, but doesn't 
populate my /tmp/naxsi_rules.tmp

Thank you for helping!

Original issue reported on code.google.com by prizem...@gmail.com on 19 Jun 2012 at 7:01

[GoogleCodeExporter]

Hi,

Could you provide your nginx configuration ? Especially your DeniedUrl location.
It's normal behavior for nx_intercept to exit after using the -a switch (it 
just adds the signature to monitor to the database). For now, the signature is 
only stocked in the database and nothing is displayed on the web interface, 
I'll try to add that to the web interface soon.
nx_intercept doesn't populate /tmp/naxsi_rules.tmp anymore (we should probably 
remove this part from the wiki). Now, it will store all the exceptions in a 
database (naxsi_sig if you use the default settings), and you will be able to 
view the whitelist using nx_extract.

Original comment by sephirot...@gmail.com on 20 Jun 2012 at 9:08

[GoogleCodeExporter]

Hello!

Thank you for your quick answer I have attached both the nginx config and the 
/sites-enabled/default file.

So nx_intercept should store the exceptions in my mysql database or somewhere 
else?

Thanks again!

Original comment by prizem...@gmail.com on 20 Jun 2012 at 10:33

Attachments:

• nginx.conf
• default.txt

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

when I start nx_intercept -c naxsi-ui-learning.conf -a ip:I - it stops and i 
see that the error log contains something like this: " [error] 10481#0: *10 
connect() failed (111: Connection refused) while connecting to upstream | 
upstream: "http://127.0.0.1:8080/RequestDenied "

However when I exclude the - a it produces log like this but still no data to 
the mysql db:
NAXSI_FMT: 
ip=85.67.16.131&server=domain.com&uri=/bblabla/&total_processed=8&total_blocked=
1&zone0=ARGS&id0=1000&var_name0=a&zone1=ARGS ....

Hope I could provide more info about my issue.

Thank you!

Original comment by prizem...@gmail.com on 20 Jun 2012 at 2:00

[GoogleCodeExporter]

when using the 0.47 code base on Ubuntu 12.04 the db populates after the first 
hit

Original comment by da...@heidt.biz on 16 Jul 2012 at 12:52

[GoogleCodeExporter]

Can we consider the issue as closed, or do you still face the problem ?

Original comment by ori...@gmail.com on 1 Aug 2012 at 5:35

[GoogleCodeExporter]

I have had same problem.
Import command "python nx_intercept.py -c naxsi-ui-learning.conf -l 
/var/log/nginx/error.log"
I tried on Debian, versions of nginx-naxsi-ui 1.2.1-2~bpo60+1 and 
1.2.3-1~dotdeb.0.
Import finished successfully, but MySQL haven't any data. 
During import, db was filled, after done was empty. Autoincrement in collums 
matches number of NAXSI_FMT's entries in nginx error log. According MySQl query 
log, import runs ok. If I rerun query from log, insert was successful.

Any help will be appreciated.

Original comment by ales.bo...@gmail.com on 23 Aug 2012 at 12:07

[GoogleCodeExporter]

Hello, 

Can you please provide your logfile ?
I don't see what can happen here.
Please as well give a try for 0.49rc1 if you still face the problem.

Thanks

Original comment by ori...@gmail.com on 28 Aug 2012 at 5:55

[GoogleCodeExporter]

I guess python script is not opening auto commit connection to mysql, as a 
result you need to do commit yourself.

Attached diff that adds COMMIT command after inserting rows into mysql. This 
will work on other databases as well.

Original comment by artiom.l...@gmail.com on 30 Aug 2012 at 11:45

Attachments:

• naxsi-mysql-commit.diff

[GoogleCodeExporter]

Hello,

As far as I know, MySQL has auto-commit enabled by default, and we didn't 
explicitly ask for non auto-commit connection, so we shouldn't have to use 
commit statement.

Plus, I just did some test and I cannot reproduce your issue.

Could you please provide some more details about your configuration (debug, 
python, mysql, nginx etc.) and/or a reproducible test set ?

Anyway, thanks for the patch, but I'm a bit reluctant to apply it, I'd like to 
evaluate the possible implications of this first.

Best regards,

Original comment by ori...@gmail.com on 30 Aug 2012 at 12:06

[GoogleCodeExporter]

Original comment by ori...@gmail.com on 11 Oct 2012 at 11:10

• Changed state: Fixed