Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
http x-forwarded-for check
Function
The http x-forwarded-for check command enables detection of the X-Forwarded-For field in HTTP packets.
The undo http x-forwarded-for check command disables detection of the X-Forwarded-For field in HTTP packets.
Format
http x-forwarded-for check { any | whitelist } action { alert | block }
undo http x-forwarded-for check
Parameters
| Parameter | Description | Value |
|---|---|---|
| any | When an HTTP packet contains the X-Forwarded-For field, an anomaly is detected. | - |
| whitelist | Detects whether all proxy IP addresses in the X-Forwarded-For field match the whitelist. If no, an anomaly is detected. | - |
| action | Specifies the action. |
- |
| alert | When the X-Forwarded-For field in an HTTP packet is abnormal, the packet is permitted, and a log is recorded. | - |
| block | When the X-Forwarded-For field in an HTTP packet is abnormal, the packet is blocked, and a log is recorded. | - |
Usage Guidelines
If you have configured the detection of whether all proxy IP addresses in the X-Forwarded-For field match a whitelist (whitelist), you need also to run the http x-forwarded-for whitelist command to configure such a whitelist.
By default, this function is disabled.
