voroojax / waf-fle

Automatically exported from code.google.com/p/waf-fle

Use Client IP from header #11

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
Configure sensor without "Use Client IP from header" option. Send log to 
waf-fle with Header X-Forwarded-For

What is the expected output? What do you see instead?
Expected output in rule detail is direct client IP address not indirect IP 
address from X-Forwarded-For header. 

What version of the product are you using? On what operating system?
0.6.0, RHEL5

Please provide any additional information below.

Original issue reported on code.google.com by juraj.sa...@gmail.com on 24 Jan 2013 at 10:05

GoogleCodeExporter commented 8 years ago
I could reproduce the problem. The xff parsing will be revised to work only 
when turned on.
The next release will include the fix.

Original comment by klaub...@gmail.com on 24 Jan 2013 at 9:30

GoogleCodeExporter commented 8 years ago
A temporary workaround for this problem is to remove (or comment out) these lines in 
controller/index.php:
elseif (preg_match("/$clientIpHeaderRegExp/i", trim($BODY[$line]), $matchesB)) {
  $PhaseA['ClientIP'] = $matchesB[1];  
}
Lines 133,134,135

Original comment by juraj.sa...@gmail.com on 25 Jan 2013 at 7:25

GoogleCodeExporter commented 8 years ago
Issue fixed. Next release will include it.

Thanks for the report.

Klaubert

Original comment by klaub...@gmail.com on 25 Feb 2013 at 11:34
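
The behaviour described in this thread (the X-Forwarded-For value replaces the client IP only when the sensor's "Use Client IP from header" option is on), as an added example that is not WAF-FLE's code or its actual fix. The function name, its parameters and the sample data are hypothetical, and it assumes a single trusted proxy in front of the sensor.

```php
<?php
// Added example, not WAF-FLE's code; function and parameter names are hypothetical.

function resolveClientIp(string $connectionIp, array $headerLines,
                         bool $useClientIpHeader, string $headerName = 'X-Forwarded-For'): string
{
    // Option off: the header is request data the client controls, so ignore it.
    if (!$useClientIpHeader) {
        return $connectionIp;
    }
    $pattern = '/^' . preg_quote($headerName, '/') . ':\s*(.*)$/i';
    foreach ($headerLines as $line) {
        if (!preg_match($pattern, trim($line), $m)) {
            continue;
        }
        // Assumption: one trusted proxy sits in front of the sensor, so the
        // last list entry is the address that proxy appended.
        $parts = array_map('trim', explode(',', $m[1]));
        $candidate = end($parts);
        // Only accept a syntactically valid IPv4/IPv6 address.
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    // Header absent or malformed: keep the connection address.
    return $connectionIp;
}

// Constructed sample: request header lines as a sensor would log them.
$headers = [
    'GET /index.php HTTP/1.1',
    'Host: www.example.com',
    'X-Forwarded-For: 198.51.100.7, 203.0.113.10',
];
$connectionIp = '192.0.2.44'; // constructed connection source address

foreach ([false, true] as $optionEnabled) {
    printf("option %s -> %s\n", $optionEnabled ? 'on ' : 'off',
        resolveClientIp($connectionIp, $headers, $optionEnabled));
}
```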