Messages

Yup, that trick was it. Thanks again for your help :D

That was it. I was definitely getting the options mixed up. A comment to the Match Value would of been helpful for sure.

I appreciate your help.

I do have one last question though, can we pipe multiple arguments together like

Code Select Expand

BasicRule wl:1007,1008 "mz:$URL_X:^/displaynames$|$BODY_VAR_X:^(users|display)$";

Hey Fright,

Isn't the Match Value in the web gui generating the BODY_VAR:string value in the MatchZone whitelist?

Under the MatchZone whitelist example from the github URL, I see this:

BasicRule wl:4242 "mz:$ARGS_VAR:foo|$URL:/x";

foo would be the ARS_VAR variable in the Match Value portion of the NAXSI Rule. Or that's how I think I understand it....

There's an issue I'm experiencing where the NGINX plugin is not generating Match Values when whitelisting a rule within NAXSI. The NAXSI config in /usr/local/etc/nginx/nginx.conf is different from the config in OPNsense. I attached a screenshot of a whitelisted rule in the OPNsense GUI to compare with it's generated counterpart below:

BasicRule wl:1010,1011 "mz:$URL:/displaynames|BODY";

The "users" Match Value in the attachment is not generated in the nginx.conf file and omitted completely. This rule is just an example, but this applies to all the whitelisted rules I have. Not sure if this is a bug, an unimplemented feature, a working as-is feature or just a layer 8 issue. Has anyone come across this?