Opened 8 years ago
Last modified 8 years ago
#1154 new enhancement
Passing URG flag via nginx
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-module | Version: | 1.10.x |
| Keywords: | Cc: | ||
| uname -a: | Linux t40487.te4.local 2.6.32-642.3.1.el6.x86_64 #1 SMP Tue Jul 12 18:30:56 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.10.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --add-dynamic-module=njs-1c50334fbea6/nginx --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' |
||
Description
I have a problem with URG flag and passing it via nginx. I use stream module for TCP connections.
Configuration for nginx:
stream {
server {
listen 6002;
proxy_pass 127.0.0.1:8000;
proxy_timeout 10;
}
}
tcpdumps:
from sender:
sudo tcpdump -i any dst port 6002 10:24:08.532935 IP 172.20.9.82.54296 > t40487.te4.local.x11-2: Flags [S], seq 1000, win 8192, length 0 10:24:08.609577 IP 172.20.9.82.54296 > t40487.te4.local.x11-2: Flags [.], ack 1034154399, win 8192, length 0 10:24:08.680219 IP 172.20.9.82.54296 > t40487.te4.local.x11-2: Flags [U], seq 1003:1005, win 8192, urg 0, length 2
on nginx host (collect everything from network):
tcpdump -i any src host 172.20.9.82 and not dst port 22 10:24:08.678898 IP 172.20.9.82.54296 > t40487.te4.local.6002: Flags [.], ack 2008903947, win 8192, length 0 10:24:08.749167 IP 172.20.9.82.54296 > t40487.te4.local.6002: Flags [U], seq 2816206677:2816206679, win 8192, urg 0, length 2
on application (check only application port):
tcpdump -i any dst port 8000 10:25:38.704441 IP localhost.52258 > localhost.irdmi: Flags [S], seq 361184170, win 65495, options [mss 65495,sackOK,TS val 5902248 ecr 0,nop,wscale 7], length 0 10:25:38.704471 IP localhost.52258 > localhost.irdmi: Flags [.], ack 1535641746, win 512, options [nop,nop,TS val 5902248 ecr 5902248], length 0
As you can see the URG flag is not visible in application.
I think that nginx takes packet with URG flag for himself :-)
Is it possible to pass it to application?
Change History (5)
comment:1 by , 8 years ago
comment:3 by , 8 years ago
Additional detail:
URGs are implemented as 'out of band' communication (man sendto(2)):
MSG_OOB
Sends out-of-band data on sockets that support this notion (e.g., of type SOCK_STREAM); the underlying protocol must also support out-of-band data.
comment:5 by , 8 years ago
| Type: | defect → enhancement |
|---|
Note:
See TracTickets
for help on using tickets.
Just wonder: what type of application is it?