fix(proxy): add L7 inspection to forward proxy path#666

Merged
johntmyers merged 3 commits into NVIDIA:main from latenighthackathon:fix/forward-proxy-l7-inspection on Mar 30, 2026

Conversation

Contributor

@latenighthackathon latenighthackathon commented Mar 29, 2026

Summary

The forward proxy previously rejected all requests to endpoints with L7 rules (blanket 403), forcing clients through the CONNECT tunnel. Policies like access: read-only (allow GET, block POST) had no effect on plain http:// requests via the forward proxy. This PR replaces the blanket rejection with actual L7 evaluation.

Related Issue

Closes #643

Changes

  • Made evaluate_l7_request() public for cross-module use.
  • Replaced blanket 403 with L7 policy evaluation on the forward proxy path: query L7 config, clone OPA engine, evaluate request method/path against policy.
  • Allow if policy permits; deny with 403 if enforcement: enforce and policy denies.
  • Audit mode: log but allow (matching CONNECT path behaviour).
  • Fail-closed: deny on evaluation errors.
  • Updated architecture/security-policy.md V1 simplifications note.
  • Updated regression tests to validate new behaviour (GET allowed → 200, POST denied → 403).

Security posture change

Endpoints that previously received a blanket 403 on the forward proxy path will now be evaluated against their L7 policy. The forward proxy uses Connection: close (one request per connection), so a single L7 evaluation suffices.

Testing

  • mise run pre-commit passes
  • Unit tests added/updated
  • E2E tests added/updated

Executed:

  • mise run pre-commit locally: format, license, and lint checks pass
  • Compile/test steps require Linux CI runners
  • CI branch checks pass (Rust build-amd64, build-arm64, Python, License Headers all green)

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)
  • Architecture docs updated (if applicable)

Make evaluate_l7_request() public so the forward proxy path can
evaluate individual requests against L7 policy without going
through the full relay_with_inspection() loop.

Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>

The forward proxy previously rejected all requests to endpoints with
L7 rules (blanket 403), forcing clients through the CONNECT tunnel.
This meant policies like read-only (allow GET, block POST) had no
effect on plain http:// requests through the forward proxy.

Replace the blanket rejection with actual L7 evaluation:
- Query L7 config for the endpoint (same as before)
- Clone the OPA engine and evaluate the request method/path
- Allow if L7 policy permits, deny with 403 if enforcement is enforce
- Audit mode: log but allow (matching CONNECT path behavior)
- Fail-closed: deny on evaluation errors

The forward proxy uses Connection: close (one request per connection),
so a single evaluation suffices — no relay loop needed.

Update e2e tests to validate the new behavior:
- GET /allowed → 200 (L7 policy allows)
- POST /allowed → 403 (L7 policy denies, enforcement: enforce)

Update security-policy.md to reflect the new forward proxy L7 behavior.

Closes NVIDIA#643

Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
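As an added illustration of the decision flow described in the PR body and in the commit message above (this is not code from the NVIDIA project or from this PR), the following Rust stand-in models the forward-proxy path's L7 decision: a hypothetical read-only evaluator takes the place of the OPA engine, and the names `Enforcement`, `Decision`, `evaluate_read_only` and `decide` are assumptions of this example.

```rust
// Added example, not project code: models the forward-proxy L7 decision
// from the PR text. `evaluate_read_only` is a hypothetical stand-in for
// the OPA engine; the enforce/audit split and the fail-closed rule follow
// the PR description.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Enforcement {
    Enforce,
    Audit,
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Decision {
    Allow,
    Forbidden,          // respond 403, do not forward
    AuditAllow(String), // forward, but emit the audit log line carried here
}

/// Stand-in policy: "read-only" allows only GET and HEAD under `prefix`.
/// A malformed request target is an evaluation error, not a plain deny.
pub fn evaluate_read_only(method: &str, path: &str, prefix: &str) -> Result<bool, String> {
    if !path.starts_with('/') {
        return Err(format!("malformed request target: {path}"));
    }
    if !path.starts_with(prefix) {
        return Ok(false);
    }
    Ok(matches!(method, "GET" | "HEAD"))
}

/// Allow when policy permits; on denial, 403 under Enforce and log-but-allow
/// under Audit; any evaluation error fails closed (assumed to apply in both
/// modes, the conservative reading of the PR's "deny on evaluation errors").
pub fn decide(method: &str, path: &str, prefix: &str, mode: Enforcement) -> Decision {
    match evaluate_read_only(method, path, prefix) {
        Ok(true) => Decision::Allow,
        Ok(false) => match mode {
            Enforcement::Enforce => Decision::Forbidden,
            Enforcement::Audit => Decision::AuditAllow(format!(
                "l7 audit: {method} {path} denied by policy, allowed in audit mode"
            )),
        },
        Err(e) => {
            eprintln!("l7 evaluation error, denying: {e}");
            Decision::Forbidden
        }
    }
}

fn main() {
    println!("{:?}", decide("GET", "/allowed", "/allowed", Enforcement::Enforce));
    println!("{:?}", decide("POST", "/allowed", "/allowed", Enforcement::Enforce));
}
```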
@latenighthackathon latenighthackathon requested a review from a team as a code owner March 29, 2026 23:31
@latenighthackathon
Contributor Author

I have read the DCO document and I hereby sign the DCO.

@johntmyers johntmyers self-assigned this Mar 30, 2026
@johntmyers
Collaborator

Thank you. None of your PRs are following the AGENTS.md guidance for pre-commits. While the PRs are welcomed please ensure to follow this guidance.

Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
@latenighthackathon
Contributor Author

latenighthackathon commented Mar 30, 2026

Understood — thanks for the feedback and info! I've now set up mise locally and will run mise run pre-commit before every commit going forward!

@johntmyers johntmyers merged commit 94fbb64 into NVIDIA:main Mar 30, 2026
9 checks passed
@latenighthackathon latenighthackathon deleted the fix/forward-proxy-l7-inspection branch March 30, 2026 16:31
Development

Successfully merging this pull request may close these issues.

sec(proxy): forward proxy path skips L7 inspection — policy enforcement gap on private IP endpoints