[ipv6calc] new: ipv6loganon for anonymizing HTTP logs without loosing much information
Peter Bieringer
pb at bieringer.de
Thu Feb 1 15:50:13 CET 2007
Hi,
triggered by some global discussions about privacy I've created a new
program named "ipv6loganon", which is able to anonymize HTTP logs
without loosing much information (e.g. the IPv6 address type - for
further statistics).
Some more information is below.
Currently, it can not be used as pipe for apache HTTP server, reason is
unknown, following config doesn't unfortunately not work (nothing will
be logged anymore):
CustomLog "| /usr/local/bin/ipv6loganon-static |/usr/sbin/cronolog
/path/to/logs/server-log.%Y%m" combined
Perhaps one can point me to a solution - thank you.
Also some code improvements triggered by splint were done. Here pls. one
can help me to splint also the md5 subdirectory, currently splint don't
like the code there.
Please run some tests. I plan to release package 0.70.0 in one week or so.
Regards,
Peter
$ cat README
$Id: README,v 1.2 2007/02/01 14:44:21 peter Exp $
ipv6loganon is a HTTP server log file anonymizer
It expect a log line on stdin with an IPv4/IPv6 address as first token.
This token would be anonymized according to given/default options.
The anonymizer would keep as much information as possible for IPv6
address types.
Client-side IID would be anonymized by
- EUI-48 based: serial number would be zero'ed, keeping OID
- EUI-64 based: serial number would be zero'ed, keeping OID
- ISATAP: client IPv4 address would be anonymized by given IPv4 mask
- TEREDO: client IPv4 address would be anonymized by given IPv4 mask
client port would be zero'ed
- 6to4(Microsoft): client IPv4 address would be anonymized by given
IPv4 mask
- local: whole IID would be zero'ed
Client-side SLA would be anonymized by
- SLA would be zero'ed
Prefix would be anonymized by
- 6to4: client IPv4 address would be anonymized by given IPv4 mask
Compat/Mapped IPv4 addresses would be anonymized by
- IPv4 address would be anonymized by given IPv4 mask
Afterwards, the modified address and the trailing line would be printed
to stdout.
Example:
Original lines (stdin):
207.46.98.53 - - [01/Jan/2007:00:01:15 +0100] "GET
/Linux+IPv6-HOWTO/x1112.html HTTP/1.0" 200 6162 "-" "msnbot/1.0
(+http://search.msn.com/msnbot.htm)" 253 6334
2002:52b6:6b01:1:216:17ff:fe01:2345 - - [10/Jan/2007:15:04:28 +0100]
"GET /favicon.ico HTTP/1.1" 200 4710
"http://www.bieringer.de/linux/IPv6/" "Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.8.0.9) Gecko/20061219 Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9
pango-text" 413 5005
Modified lines (stdout):
207.46.98.0 - - [01/Jan/2007:00:01:15 +0100] "GET
/Linux+IPv6-HOWTO/x1112.html HTTP/1.0" 200 6162 "-" "msnbot/1.0
(+http://search.msn.com/msnbot.htm)" 253 6334
2002:52b6:6b00:0:216:17ff:fe00:0 - - [10/Jan/2007:15:04:28 +0100] "GET
/favicon.ico HTTP/1.1" 200 4710 "http://www.bieringer.de/linux/IPv6/"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061219
Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9 pango-text" 413 5005
--
Dr. Peter Bieringer http://www.bieringer.de/pb/
GPG/PGP Key 0x958F422D mailto:pb at bieringer.de
Deep Space 6 Co-Founder and Core Member http://www.deepspace6.net/
OpenBC http://www.openbc.com/hp/Peter_Bieringer/
Personal invitation to OpenBC http://www.openbc.com/go/invita/3889
More information about the ipv6calc
mailing list