Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Kaspars_Zibarts
Authority
Authority

HTTP XFF header not being removed in R80.10

In case someone else was using SK How to enable stripping of X-Forward-For (XFF) field 

I know that it worked perfectly OK in R70.30 and we never bothered checking it after upgrades to R80.10, just assumed it worked. Today just by pure chance I stumbled across the fact that our internal IPs are being sent out in XFF header that were supposed to be stripped out.

One thing that I noticed with R80.10 is that kernel parameter ws_remove_proxy_connection_header doesn't seem to work anymore 

Anyone else could verify this?

SR submitted

8 Replies
PhoneBoy
Admin
Admin

Since the SK says it's relevant for R80.10, it's probably worth a TAC case to investigate.

0 Kudos
Reply
G_W_Albrecht
Champion
Champion

The sk speaks about two procedures (depending on the IA blade) to enable this, one in Dashboard and one in GUIdbEdit. Then we find the comment: It has been observed that XFF stripping may still not function, even if all the above steps are performed correctly, when the value of kernel parameter 'ws_remove_proxy_connection_header' is set to 0 (zero).

It say : May !

0 Kudos
Reply
Kaspars_Zibarts
Authority
Authority

That's why I added the screenshot - it does not recognise the parameter Smiley Sad we were able to set/get it in R77.30

0 Kudos
Reply
PhoneBoy
Admin
Admin

Thus why I think a TAC case is needed to investigate.

0 Kudos
Reply
Kaspars_Zibarts
Authority
Authority

Yep, as mentioned in original post - case lodged and all logs provided. Smiley Happy Time for weekend. Hopefully it's fixed when I return on Monday morning

0 Kudos
Reply
Kaspars_Zibarts
Authority
Authority

Hard to admit but it was proper Homer situation.. Forgot that we ad turned off AntiBot blade few months ago and you need one of medium path blades to be active for XFF removal to work

0 Kudos
Reply
PhoneBoy
Admin
Admin

Yep, that will definitely do it.  

0 Kudos
Reply
Kaspars_Zibarts
Authority
Authority

You meant bang myself on the head? haha yep!

0 Kudos
Reply