IP Transparency in NGINX

2019-07-09 Thread jbalasubramanian
Hi all, I am using NGINX 1.13.5 as a Load Balancer for one of my CUSTOM-APPLICATION which will listen on UDP port 2231,67 and 68. I am trying for Load Balancing with IP-Transparency. When I using the proxy_protocol method the packets received from a remote client is modified and send to upstre

Re: FIPS support in nginx?

2019-07-09 Thread tlemons
Thanks for this reply, Vladimir! Where can I find nginx' use of openssl explained in the nginx documentation? I searched but didn't find it. Also, kirti mentioned re-compiling nginx to achieve a FIPS-compliant environment; is that necessary? Thanks! tl Posted at Nginx Forum: https://forum.nginx

Does nginx use unique session identifiers

2019-07-09 Thread Lemons, Terry
Hi Our product uses nginx to front-end inbound web access. To enhance our product's security posture, we have been examining the rules in the DISA Web Server Security Requirements Guide. One of the rules (https:/

How to properly log a bug

2019-07-09 Thread Bernie Quick
Hi, I have been working with NGINX for about a year now. I have some 40 instances of NGINX running and I am running into a core dump with 2 new ones. I have a repeatable process that generates my .conf and my .map files. I have powershell scripts that runs and read from a database and genera

Re: How to configure Nginx LB IP-Transparency for custom UDP application

2019-07-09 Thread Roman Arutyunyan
Hi, On Tue, Jul 09, 2019 at 05:55:39PM +0530, Jeya Murugan wrote: > Hi all, > > > I am using *NGINX 1.13.5 as a Load Balancer for one of my > CUSTOM-APPLICATION *which will listen on* UDP port 2231,67 and 68.* > > I am trying for Load Balancing with IP-Transparency. > > > > When I using the

How to configure Nginx LB IP-Transparency for custom UDP application

2019-07-09 Thread Jeya Murugan
Hi all, I am using *NGINX 1.13.5 as a Load Balancer for one of my CUSTOM-APPLICATION *which will listen on* UDP port 2231,67 and 68.* I am trying for Load Balancing with IP-Transparency. When I using the proxy_protocol method the packets received from a remote client is modified and send to u

Re: TLS 1.3 support in nginx-1.17.1 binary for Ubuntu 18.04 "bionic" provided by nginx.org

2019-07-09 Thread Konstantin Pavlov
Hi Zeev, 03.07.2019 18:49, Zeev Tarantov wrote: > I've installed the nginx package provided by nginx.org > (https://nginx.org/en/linux_packages.html#Ubuntu) > specifically the binary provided by  > https://nginx.org/packages/mainline/ubuntu/pool/nginx/n/nginx/nginx_1.17.1-1~bion

Re: FIPS support in nginx?

2019-07-09 Thread Maxim Dounin
Hello! On Tue, Jul 09, 2019 at 02:09:47AM -0400, kirti maindargikar wrote: > Hi, We are using 1.10.3 nginx in FIPS mode. As discussed above we already > have FIPS enabled on RHEL and we have recompiled nginx with OpenSSL FIPS. > However we still see that Nginx is using MD5 algorithms ( which is

deny vs limit_req

2019-07-09 Thread Webert de Souza Lima
Hi, I have a few `deny` rules set in global scope, sometimes I add spammers there to block annoying attacks. I also have a couple of `limit_req` rules in global scope, and 1 in a local scope, that is more restrictive and I put it inside a `location` directive. Last time an attack happened the li