p0pr0ck5 / lua-resty-waf

High-performance WAF built on the OpenResty stack
GNU General Public License v3.0

‘attempt to call a nil value’ error #335

Open suikabreaker opened 3 years ago

suikabreaker commented 3 years ago
2021/08/31 11:00:21 [error] 124259#0: *1 lua entry thread aborted: runtime error: /usr/local/restywaf/site/lualib/resty/waf.lua:258: attempt to call a nil value
stack traceback:
coroutine 0:
    /usr/local/restywaf/site/lualib/resty/waf.lua: in function '_process_rule'
    /usr/local/restywaf/site/lualib/resty/waf.lua:481: in function 'exec'
    access_by_lua(nginx.conf:51):20: in main chunk, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", host: "localhost:8060"
2021/08/31 11:00:21 [error] 124259#0: *1 failed to run header_filter_by_lua*: /usr/local/restywaf/site/lualib/resty/waf.lua:59: attempt to call a nil value
stack traceback:
    /usr/local/restywaf/site/lualib/resty/waf.lua:59: in function '_parse_collection'
    /usr/local/restywaf/site/lualib/resty/waf.lua:226: in function '_process_rule'
    /usr/local/restywaf/site/lualib/resty/waf.lua:481: in function 'exec'
    header_filter_by_lua:8: in main chunk, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", host: "localhost:8060"

# Reproduction config from the report: one worker, one server on port 8060,
# with lua-resty-waf invoked in the access, header_filter, body_filter and log
# phases of `location /` in front of a proxied upstream.
#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    # Startup hook: loads resty.core and resty.waf, then calls
    # lua_resty_waf.init().
    init_by_lua_block {
        -- use resty.core for performance improvement, see the status note above
        require "resty.core"

        -- require the base module
        local lua_resty_waf = require "resty.waf"

        -- perform some preloading and optimization
        lua_resty_waf.init()
    }
    server {
        listen       8060;
        location / {
            # Request-phase WAF run: mode is ACTIVE, debug is off.
            # The first traceback in the report
            # ("access_by_lua(nginx.conf:51):20 ... in function 'exec'") comes
            # from the waf:exec() call in this block and is raised at
            # waf.lua:258 inside _process_rule.
            # NOTE(review): an uncaught Lua error aborts this handler before
            # the remaining rules are evaluated. ngx_lua normally answers such
            # a request with a 500 instead of handing it to proxy_pass; confirm
            # on this build, because that decides whether the failure is
            # fail-closed or lets unfiltered traffic through.
            access_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                local waf = lua_resty_waf:new()

                -- define options that will be inherited across all scopes
                waf:set_option("debug", false)
                waf:set_option("mode", "ACTIVE")
                waf:set_option("event_log_level", ngx.WARN)

                -- this may be desirable for low-traffic or testing sites
                -- by default, event logs are not written until the buffer is full
                -- for testing, flush the log buffer every 5 seconds
                --
                -- this is only necessary when configuring a remote TCP/UDP
                -- socket server for event logs. otherwise, this is ignored
                waf:set_option("event_log_periodic_flush", 5)

                -- run the firewall
                waf:exec()
            }

            # Response-header phase. The second traceback in the report
            # ("header_filter_by_lua:8") comes from this block's waf:exec(),
            # via _process_rule (waf.lua:226) into _parse_collection
            # (waf.lua:59).
            header_filter_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                -- note that options set in previous handlers (in the same scope)
                -- do not need to be set again
                local waf = lua_resty_waf:new()

                waf:exec()
            }

            # Response-body phase: creates a waf object with new() and calls
            # exec() on it.
            body_filter_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                local waf = lua_resty_waf:new()

                waf:exec()
            }

            # Log phase: calls write_log_events() on a new waf object.
            # Presumably this emits the events recorded by the earlier phases;
            # confirm against the library documentation.
            log_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                local waf = lua_resty_waf:new()

                waf:write_log_events()
            }

            # Upstream that serves the request once the handlers above have run.
            proxy_pass http://192.168.120.250:8100;
        }
    }
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
}

openresty: https://openresty.org/download/openresty-1.19.3.2.tar.gz installed through opm

I don't know whether this is because of opm or lua-resty-waf. I've tried to debug it and found that the operator REFIND causes the problem; it is not found in operators.lua. It seems the code and the rules are not compatible with each other.