Client's (remote) IP is logged as both source and destination in audit log #167

defanator · 2019-09-24T12:41:31Z

Log example:

10.69.65.6 - "GET /?abc../ HTTP/1.1" 302 0 - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" 156837944484.860433 - /var/log/modsecurity/audit/20190913/20190913-0957/20190913-095724-156837944484.860433 0 2663.000000 md5:06faa89af0fbe889c27bbe9b2d9051f6
---XtkwNdGM---A--
[13/Sep/2019:09:57:24 -0300] 156837944484.860433 10.69.65.6 52327 10.69.65.6 443

The text was updated successfully, but these errors were encountered:

Closes owasp-modsecurity#167. While here, adjusted related code to use nginx own macros instead of direct functions (htons, inet_ntoa).

defanator added a commit to defanator/ModSecurity-nginx that referenced this issue Sep 24, 2019

Fixed obtaining of server_addr

b93c778

Closes owasp-modsecurity#167. While here, adjusted related code to use nginx own macros instead of direct functions (htons, inet_ntoa).

defanator mentioned this issue Sep 24, 2019

Fixed obtaining of server_addr #168

Closed

zimmerle closed this as completed in bba7c8c Dec 11, 2019

pracj3am pushed a commit to cdn77/ModSecurity-nginx that referenced this issue Nov 4, 2022

Fixed obtaining of server_addr

45caeef

Closes owasp-modsecurity#167. While here, adjusted related code to use nginx own macros instead of direct functions (htons, inet_ntoa).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Client's (remote) IP is logged as both source and destination in audit log #167

Client's (remote) IP is logged as both source and destination in audit log #167

defanator commented Sep 24, 2019

Client's (remote) IP is logged as both source and destination in audit log #167

Client's (remote) IP is logged as both source and destination in audit log #167

Comments

defanator commented Sep 24, 2019