1

I want to dump all request that nginx is getting for a specific location so I can debug a strange problem that I have.

Usually tcpdump would be the solution but remember that nginx is accessed using HTTPS so dumping secured packages wouldn't be useful.

Note: in fact I am mostly intereted to dump all headers as I need to find out if any proxy modified the requests made by the client.

Obviously, I already used Wireshark or Charles on the client side but I came to the conclusion that that reaches the server is different that what it was sent by the client.

sorin
  • 8,016
  • 24
  • 79
  • 103
  • 1
    Depending on your encryption you can decrypt the ssl traffix with wirshark if you have access to the ssl key. This works with RSA. – Christopher Perrin Aug 05 '13 at 18:12
  • Thanks @ChristopherPerrin ... I was hopping for something easier than this, especially that I can control the NGINX which is used only as a frontend to another webserver. – sorin Aug 05 '13 at 18:19

1 Answers1

0

You can but only for predefined headers. With a combination of the nginx geo module and a custom log format.

geo $geo  {
  default          0;
  127.0.0.1/32     1;
  192.168.1.0/24   1;
  10.1.0.0/16      1;
}

server {
  log_format custom '$remote_addr - HEADERS: $sent_http_content_range';

  if($geo) {
    access_log bad.log custom;
  }
}
Christopher Perrin
  • 4,811
  • 19
  • 33