From 2df81db46564efd5c706858aee0ad3ba25a01af8 Mon Sep 17 00:00:00 2001 From: qyb Date: Sat, 16 Mar 2019 05:36:52 +0800 Subject: [PATCH] log real client ip behind a HTTPS gateway (#38) * log real client ip behind a HTTPS gateway * fix tab/space indent * better compatible for apache/nginx log default format * add config option --- doh-server/config.go | 1 + doh-server/doh-server.conf | 4 ++++ doh-server/ietf.go | 11 ++++++++++- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/doh-server/config.go b/doh-server/config.go index 6d0d745..e51c07c 100644 --- a/doh-server/config.go +++ b/doh-server/config.go @@ -40,6 +40,7 @@ type config struct { TCPOnly bool `toml:"tcp_only"` Verbose bool `toml:"verbose"` DebugHTTPHeaders []string `toml:"debug_http_headers"` + LogGuessedIP bool `toml:"log_guessed_client_ip"` } func loadConfig(path string) (*config, error) { diff --git a/doh-server/doh-server.conf b/doh-server/doh-server.conf index f9e2356..335fe86 100644 --- a/doh-server/doh-server.conf +++ b/doh-server/doh-server.conf @@ -38,3 +38,7 @@ tcp_only = false # Enable logging verbose = false + +# Enable log IP from HTTPS-reverse proxy header: X-Forwarded-For or X-Real-IP +# Note: http uri/useragent log cannot be controlled by this config +log_guessed_client_ip = false diff --git a/doh-server/ietf.go b/doh-server/ietf.go index f21b818..33a6170 100644 --- a/doh-server/ietf.go +++ b/doh-server/ietf.go @@ -30,6 +30,7 @@ import ( "fmt" "io/ioutil" "log" + "net" "net/http" "strconv" "strings" @@ -94,7 +95,15 @@ func (s *Server) parseRequestIETF(ctx context.Context, w http.ResponseWriter, r } else { questionType = strconv.FormatUint(uint64(question.Qtype), 10) } - fmt.Printf("%s - - [%s] \"%s %s %s\"\n", r.RemoteAddr, time.Now().Format("02/Jan/2006:15:04:05 -0700"), questionName, questionClass, questionType) + var clientip net.IP = nil + if s.conf.LogGuessedIP { + clientip = s.findClientIP(r) + } + if clientip != nil { + fmt.Printf("%s - - [%s] \"%s %s %s\"\n", clientip, time.Now().Format("02/Jan/2006:15:04:05 -0700"), questionName, questionClass, questionType) + } else { + fmt.Printf("%s - - [%s] \"%s %s %s\"\n", r.RemoteAddr, time.Now().Format("02/Jan/2006:15:04:05 -0700"), questionName, questionClass, questionType) + } } transactionID := msg.Id