MaxMindDBEnv doesn't do anything when trying to set proxy request header

Question

MaxMindDBEnv doesn't do anything when trying to set proxy request header

simon-payne-informa opened this issue 4 years ago · 3 comments

simon-payne-informa commented 4 years ago

I have installed libmaxminddb and mod_maxminddb from release tarballs:

https://github.com/maxmind/libmaxminddb/releases/download/1.5.1/libmaxminddb-1.5.1.tar.gz
https://github.com/maxmind/mod_maxminddb/releases/download/1.2.0/mod_maxminddb-1.2.0.tar.gz

I installed them on a Centos VM (based on centos:7.8.2003) running in Docker with HTTPD_VERSION=2.4.46
and using a GeoLite2 Country database from geoip/downloads dated 20210216. In my httpd.conf file I have:

LoadModule remoteip_module modules/mod_remoteip.so
LoadModule maxminddb_module   modules/mod_maxminddb.so

RemoteIPHeader X-Forwarded-For
RemoteIPProxiesHeader   X-Forwarded-By

<VirtualHost *:80>
    ServerName     headertest.myserver.com
    <Proxy "*">
        Require all granted
    </Proxy>
    SSLProxyEngine On
    <IfModule mod_maxminddb.c>
       MaxMindDBEnable On
       MaxMindDBFile  COUNTRY_DB        /usr/local/share/GeoIP/GeoLite2-Country.mmdb
       MaxMindDBEnv   MM_COUNTRY_CODE   COUNTRY_DB/country/iso_code
       MaxMindDBSetNotes On
   </IfModule>
   <LocationMatch "/metrics">
      #SetEnv MM_COUNTRY_CODE "DE"
       ProxyPass https://someserver/metrics
       ProxyPassReverse https://someserver/metrics
       <IfModule mod_maxminddb.c>
          RequestHeader set X-Country-Code %{MM_COUNTRY_CODE}e
          #RequestHeader set X-Country-Code %{MMDB_ADDR}e
       </IfModule>
   </LocationMatch>
</VirtualHost>

While I can set the country code environment variable explicitly (as in set to "DE" above), the following line does nothing it seems: MaxMindDBEnv MM_COUNTRY_CODE COUNTRY_DB/country/iso_code

My request is sent using curl like this:

curl -v -d "{ \"contentType\": \"widget\", \"contentId\":123,\"ipAddress\":\"127.0.0.1\" }" --header "X-Forwarded-For: 80.66.143.255" "Content-Type: application/json" http://headertest.myserver.com/metrics/

If I uncomment the line with MMDB_ADDR, since that IP address (80.66.143.255 - it's an example Belgian IP address, for which I was hoping to get BE popping out as the country code) is populated with the forwarding IP that is passed in via a header, it gets set as the X-Country-Code header value. Whereas I don't get a country code when I instead uncomment this line:

RequestHeader set X-Country-Code %{MM_COUNTRY_CODE}e

I haven't tried building the module from source. It looks as though there is debug logging available if I did that. But before I go that way, is there anything incorrect in my config?

Answer 1 · 2021-02-25T16:56:18.000Z

Does it work if you change RequestHeader set X-Country-Code %{MM_COUNTRY_CODE}e to RequestHeader set X-Country-Code %{ENV:MM_COUNTRY_CODE}e?

If that doesn't fix it, I might suggest asking on StackOverflow or somewhere dedicated to Apache support (user list, IRC, etc.). It could be related to when the directives are parsed vs. when the lookup happens in this module.

Answer 2 · 2021-02-26T16:19:55.000Z

Unfortunately that doesn't make any difference. I will as you say have to ask a bit wider.

I am puzzled about the debug logging though. When I have rebuilt the module from source, it is no larger than the binary version I started with. I would have expected it to be larger by a factor of the log statements compiled into the code. Also, I don't see any logging from the module. I set this in httpd.conf:
LogLevel warn maxminddb_module:info
So I'm surprised not to get anything at all?

If you could comment on my logging question I would appreciate it, as that looks from the C source code as though it should show what is going on. Thanks.

Answer 3 · 2021-02-26T17:47:10.000Z

Ahah I found out how to do it. (Not the logging, it would be nice to know how to get that working, but the main question...)
I found #27 and tried its approach with a small twist:

       MaxMindDBEnable On
       MaxMindDBFile  COUNTRY_DB        /usr/local/share/GeoIP/GeoLite2-Country.mmdb
       MaxMindDBEnv MM_COUNTRY_CODE COUNTRY_DB/country/iso_code
       SetEnvIf MM_COUNTRY_CODE ^(?!\s*$).+ MY_COUNTRY=$0
       # then a bit later on...
       RequestHeader set X-Country-Code %{MY_COUNTRY}e

So this request gives me BE as the country code sent as a new request header:
curl -v -d "{ \"contentType\": \"widget\", \"contentId\":123,\"ipAddress\":\"127.0.0.1\" }" --header "X-Forwarded-For: 80.66.143.255" --header "Content-Type: application/json" http://headertest.myserver.com/metrics/

And this request gives me DE...
curl -v -d "{ \"contentType\": \"widget\", \"contentId\":123,\"ipAddress\":\"127.0.0.1\" }" --header "X-Forwarded-For: 82.113.106.26" --header "Content-Type: application/json" http://headertest.myserver.com/metrics/

Thanks for your help.