Welcome! Log In Create A New Profile

Advanced

ip address masking

Posted by Tom 
Tom
ip address masking
February 14, 2018 02:50AM
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Alex Samad
Re: ip address masking
February 14, 2018 04:20AM
Why not just change the log format to exclude the ip address or put in
static ip

On 14 February 2018 at 12:46, Tom <[email protected]> wrote:

> Hi,
>
> I'm wondering if anyone has successfully masked ip addresses in nginx
> before they are written to a log file.
>
> I understand there are reasons why you would and would not do this.
>
> Anyway, my config so far, which I believe works for ipv4 addresses, but
> probably on only a few formats of ipv6 addresses. I've used secondary map
> directives to append text to the short ip address as I couldn't work out
> how to concatenate the variable with text, so concatenated two variables
> instead. (Hope that makes sense).
>
>
> log_format ipmask '$remote_addr $ip_anon';
>
> map $remote_addr $ip_anon {
> default $remote_addr;
> "~^(?P<ipv4>[0-9]{1,3}\.[0-9]{1,3}.)(?P<junkv4>.*)" $ipv4$ipv4suffix;
> "~^(?P<ipv6>[^:]+:[^:]+)(?P<junkv6>.*$)" '$ipv6 $junkv6';
> }
>
> map - $ipv4suffix{
> default 0.0;
> }
> map - $ipv6suffix{
> default XX;
> }
> server {
> listen 8080;
> listen [::]:8080;
> server_name _;
> access_log /tmp/ngn-ip.log ipmask;
> allow all;
> }
>
>
> Anyone got any thoughts on this?
> Thanks
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Tom
Re: ip address masking
February 14, 2018 05:00AM
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Robert Paprocki
Re: ip address masking
February 15, 2018 06:40PM
Hi,

On Tue, Feb 13, 2018 at 5:46 PM, Tom <[email protected]> wrote:

> Hi,
>
> I'm wondering if anyone has successfully masked ip addresses in nginx
> before they are written to a log file.
>
> I understand there are reasons why you would and would not do this.
>
> Anyway, my config so far, which I believe works for ipv4 addresses, but
> probably on only a few formats of ipv6 addresses. I've used secondary map
> directives to append text to the short ip address as I couldn't work out
> how to concatenate the variable with text, so concatenated two variables
> instead. (Hope that makes sense).
>
>
> log_format ipmask '$remote_addr $ip_anon';
>
> map $remote_addr $ip_anon {
> default $remote_addr;
> "~^(?P<ipv4>[0-9]{1,3}\.[0-9]{1,3}.)(?P<junkv4>.*)" $ipv4$ipv4suffix;
> "~^(?P<ipv6>[^:]+:[^:]+)(?P<junkv6>.*$)" '$ipv6 $junkv6';
> }
>
> map - $ipv4suffix{
> default 0.0;
> }
> map - $ipv6suffix{
> default XX;
> }
> server {
> listen 8080;
> listen [::]:8080;
> server_name _;
> access_log /tmp/ngn-ip.log ipmask;
> allow all;
> }
>
>
> Anyone got any thoughts on this?
> Thanks
>

I suspect it might be a bit more efficient to do this with a simple module
than trying to play around with more variables, maps, and regular
expressions. I hacked together a quick module to do this:
https://github.com/p0pr0ck5/ngx_http_ip_mask_module. You could also do the
same thing with a little bit of Lua scripting (simply AND-ing off the
unwanted bits). I'd guess extending out the same logic for IPv6 wouldn't be
too hard, but that's left as an exercise for the reader :p
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Sorry, only registered users may post in this forum.

Click here to login