[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #23243 [Metrics/Metrics website]: write a spec for web-server-access log descriptors
#23243: write a spec for web-server-access log descriptors
-------------------------------------+------------------------------
Reporter: iwakeh | Owner: metrics-team
Type: enhancement | Status: needs_review
Priority: Medium | Milestone:
Component: Metrics/Metrics website | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+------------------------------
Comment (by iwakeh):
Replying to [comment:21 karsten]:
> Replying to [comment:19 iwakeh]:
> > Replying to [comment:17 karsten]:
> > > Replying to [comment:14 iwakeh]:
> > > > Another addition:
> > > >
> > > > Even though Tor's Apache webservers are configured to only provide
three ip addresses (e.g. `0.0.0.{0,1,2}`) all lines with different ips are
accepted and sanitized to ip `0.0.0.0`.
> > > >
> > > > Or, should such lines be discarded?
> > >
> > > Right now addresses are kept as long as they start with `0.0.0.`,
which seems plausible to me. The spec draft should also say that.
> >
> > Agreed. My question was a different one: what about log lines that
contain other ips (e.g. in case Apache suddenly logs more 11.22.33.44).
Currently these would be replaced by 0.0.0.0 and the sanitized lines kept.
>
> Ah, hmm. I think that both the current script and the specification
draft say that we ''drop'' any lines not starting with `0.0.0.`, but if a
line matches that, we keep the `0.0.0.x` address unchanged.
>
> But I wonder if we should change that to "keep any address starting with
`0.0.0.` and replace everything else with `0.0.0.0`". That way we could
easily sanitize logs from web servers using different log formats that are
compliant with Apache's Common Log Format. What do you think?
Yes, that's what I would choose.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23243#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs