Are you behind a (reverse) proxy-server? I also had a problem with it; my solution was this (small) patch:
--- a/web/enadis.c 2019-07-23 17:29:06.000000000 +0200 +++ b/web/enadis.c 2019-09-11 01:06:33.283642013 +0200 @@ -332,7 +332,8 @@ int argi, i; char *username = getenv("REMOTE_USER"); char *userhost = getenv("REMOTE_HOST"); - char *userip = getenv("REMOTE_ADDR"); + char *userip = getenv("HTTP_X_FORWARDED_FOR"); + if (userip == NULL) userip = getenv("REMOTE_ADDR"); SBUF_DEFINE(fullmsg); char *envarea = NULL; int obeycookies = 1; --- a/web/acknowledge.c 2019-07-23 17:29:06.000000000 +0200 +++ b/web/acknowledge.c 2019-09-11 01:01:55.493676233 +0200 @@ -374,7 +374,8 @@ parse_query(); if (getenv("REMOTE_USER")) { - char *remaddr = getenv("REMOTE_ADDR"); + char *remaddr = getenv("HTTP_X_FORWARDED_FOR"); + if (remaddr == NULL) remaddr = getenv("REMOTE_ADDR"); SBUF_MALLOC(acking_user, 1024 + strlen(getenv("REMOTE_USER")) + (remaddr ? strlen(remaddr) : 0)); snprintf(acking_user, acking_user_buflen, "\nAcked by: %s", getenv("REMOTE_USER"));
Ciao, Ren?
On Wednesday 11-09-2019 at 15:23 [time zone -0700], J.C. Cleaver wrote:
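Review bot: in the web/enadis.c hunk, userip is taken from HTTP_X_FORWARDED_FOR whenever that variable is set, with no check that the request actually arrived through the reverse proxy. X-Forwarded-For is an ordinary request header, so a client that reaches the CGI directly, or a proxy that appends to the header instead of replacing it, lets the caller choose the value that ends up in userip. Suggest honouring the header only when REMOTE_ADDR matches a configured proxy address and keeping REMOTE_ADDR otherwise. The "if (userip == NULL)" test also lets an empty header through; testing "userip == NULL || *userip == '\0'" would keep the fallback working in that case.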
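Review bot: in the web/acknowledge.c hunk, remaddr now holds raw header text instead of an address set by the web server, and the SBUF_MALLOC line sizes acking_user to include strlen(remaddr), so that text is carried along with the "Acked by" string. X-Forwarded-For can contain a comma-separated list of addresses or arbitrary characters; suggest extracting a single entry, validating it with inet_pton() for AF_INET and AF_INET6, and falling back to REMOTE_ADDR when it does not parse. Since this hunk repeats the two lines added to enadis.c, a shared helper for picking the client address would keep both CGIs consistent.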
On Wed, September 11, 2019 8:38 am, Rothlisberger, John R. wrote:
We are having issues with acknowledge.sh & enadis.sh since upgrading to 4.3.29 and then to 4.3.30 on Ubuntu 16.04.
For enadis.sh we do get the following error in the apache log: 2019-09-11 16:34:23.901080 Enadis POST that is not coming from self or svcstatus (referer=https://xymonserver/xymon-seccgi/enadis.sh). Ignoring.
How can we enable debugging on enadis and have that dump to a file?
Unfortunately, it's not quite as easy as it used to be when we were using shell-based wrappers about the C programs.
You can pass "--debug" as an option to the CGI_ENADIS_OPTS variable in /etc/xymon/cgioptions.cfg, however. If the error appears to be happening early in the CGI process (before headers are generated), you can also set CGIDEBUG=1.
For the issue in question, it seems like the XSS checking is not working properly or the referer information is somehow being stripped. Are there any unusual CSP changes in your apache configuration, or do you have mod_security enabled by any chance?
-jc
_______________________________________________ Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon