Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fetch methods for app parameter #94

Closed
jvinolas opened this issue Nov 6, 2023 · 5 comments
Closed

Fetch methods for app parameter #94

jvinolas opened this issue Nov 6, 2023 · 5 comments

Comments

@jvinolas
Copy link

jvinolas commented Nov 6, 2023
edited
Loading

Related to #92, is there any other fetch method that can be used? I tried to set a new header and try to get it into spoe app parameter without success.

Haproxy frontend
http-request add-header X-App open
SPOE
spoe-message coraza-req args app=req.hdr(X-App) id=unique-id src-ip=src...

And coraza logs:

{"level":"debug","ts":1699303677.986173,"msg":"application not found, using default","application":"","default":"open"}

(of course, I have two apps that I want to set up different)
UPDATE: The header is not being added in haproxy. Is this an expected behaviour when using spoe filters?
@sts
Copy link
Contributor

sts commented Nov 7, 2023

never tried to use pass by a header, wanna try using http-request set-var instead?

@jvinolas
Copy link
Author

jvinolas commented Nov 7, 2023

I've already tried with no success: It seems the filter is getting the 'raw' input request without any previous modifications done. As I want to use different configs for different paths I think the only way will be tu use acl in spoa. If you've got any other idea...

@zc-devs
Copy link
Contributor

zc-devs commented Nov 13, 2023

I tried to set a new header and try to get it into spoe app parameter without success

If you use event on-frontend-http-request, then works as intended:

Triggered just before the evaluation of http-request rules in a frontend

@mamedin
Copy link

mamedin commented May 13, 2024

Using haproxy 2.8.9 I had to use proc.var_name instead of rtx.var_name. I wanted to use a variable for the app_name, based on hdr(host), so in frontend:

    # Define coraza app variable
    http-request set-var(proc.coraza_app) str(default_app)
    http-request set-var(proc.coraza_app) str(myapp_app) if { hdr(host) -i www.example.com }

In /etc/haproxy/coraza.conf:

 spoe-message coraza-req
    args app=var(proc.coraza_app) id=unique-id src-ip=src src-port=src_port dst-ip=dst dst-port=dst_port method=method path=path query=query version=req.ver headers=req.hdrs body=req.body
    event on-frontend-http-request

spoe-message coraza-res
    args app=var(proc.coraza_app) id=unique-id version=res.ver status=status headers=res.hdrs body=res.body
    event on-http-response

It is working fine with proc.var_name but was failing using txn.var_name

@fionera
Copy link
Contributor

fionera commented Nov 12, 2024

Is this still an issue? It seems more of a haproxy config issue then smth related to coraza-spoa, but you should be able to set a txn-variable based on the header and use that for coraza. Please reopen if help is still needed

@fionera fionera closed this as completed Nov 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@sts @jvinolas @fionera @mamedin @zc-devs