A
Admincraft•5mo ago
Ashank

DDoS/Spam Detection

I've been trying to build up this spam detector to run on my machines, but I've been struggling due to Nginx Proxy Manger / Nginx in general. I've already added
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
to the advanced config in NPM but it's still detecting packets as from my own IP
No description
19 Replies
Admincraft Meta
Admincraft Meta•5mo ago
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close !close !solved !answered
Requested by ashanki#0
Ashank
AshankOP•5mo ago
not really mc related sry but would be nice
Venerable
Venerable•5mo ago
it seems to be for servers
Ashank
AshankOP•5mo ago
wdym
Venerable
Venerable•5mo ago
looks like hes trying to create a spam detection plugin for mc servers
Ashank
AshankOP•5mo ago
not really... mc
Venerable
Venerable•5mo ago
discord interaction is a thing
Ashank
AshankOP•5mo ago
think you're misinterpreting the use case I run many things, I just want to know where the traffic is coming from / going. I operate a server host So many mc servers, webapplications, apis, cdns etc
Venerable
Venerable•5mo ago
ahhh ok and i just now realized you were the poster, im dead tired lol
Ashank
AshankOP•5mo ago
get some rest
looks like he's
šŸ’€ brother im the OP 😭 I just read that
Venerable
Venerable•5mo ago
i would but it's 7 am and i dont wanna destroy my sleep schedule by going to bed now
Ashank
AshankOP•5mo ago
šŸ’€ alr ig
SilentBot
SilentBot•5mo ago
How are you detecting packets? Are you using Nginx streams?
Ashank
AshankOP•5mo ago
no, I have 0 idea how thats the thing I'm just using tcpdump, and that can't detect nginx stuff How do I use nginx streams?
SilentBot
SilentBot•5mo ago
tcpdump doesn't understand proxy_protocol so you would need a program which was proxy_protocol aware to do your logging
SilentBot
SilentBot•5mo ago
or something like mmproxy to "undo" the proxy_protocol https://github.com/cloudflare/mmproxy
GitHub
GitHub - cloudflare/mmproxy: mmproxy, the magical PROXY protocol ga...
mmproxy, the magical PROXY protocol gateway. Contribute to cloudflare/mmproxy development by creating an account on GitHub.
SilentBot
SilentBot•5mo ago
I believe you could maybe also do it with tshark with the right path
Ashank
AshankOP•5mo ago
alr ig
SilentBot
SilentBot•5mo ago
I mean, tcpdump doesn't understand proxy_protocol, so there's no way to magically change the source ip back It's why you'd typically run it only on your proxy instead

Did you find this page helpful?