[tor-bugs] #23243 [Metrics/Metrics website]: write a spec for web-server-access log descriptors

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Sep 7 13:46:59 UTC 2017 

#23243: write a spec for web-server-access log descriptors
-------------------------------------+------------------------------
 Reporter:  iwakeh                   |          Owner:  metrics-team
     Type:  enhancement              |         Status:  needs_review
 Priority:  Medium                   |      Milestone:
Component:  Metrics/Metrics website  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+------------------------------

Comment (by iwakeh):

 Replying to [comment:21 karsten]:
 > Replying to [comment:19 iwakeh]:
 > > Replying to [comment:17 karsten]:
 > > > Replying to [comment:14 iwakeh]:
 > > > > Another addition:
 > > > >
 > > > > Even though Tor's Apache webservers are configured to only provide
 three ip addresses (e.g. `0.0.0.{0,1,2}`) all lines with different ips are
 accepted and sanitized to ip `0.0.0.0`.
 > > > >
 > > > > Or, should such lines be discarded?
 > > >
 > > > Right now addresses are kept as long as they start with `0.0.0.`,
 which seems plausible to me. The spec draft should also say that.
 > >
 > > Agreed.  My question was a different one: what about log lines that
 contain other ips (e.g. in case Apache suddenly logs more 11.22.33.44).
 Currently these would be replaced by 0.0.0.0 and the sanitized lines kept.
 >
 > Ah, hmm. I think that both the current script and the specification
 draft say that we ''drop'' any lines not starting with `0.0.0.`, but if a
 line matches that, we keep the `0.0.0.x` address unchanged.
 >
 > But I wonder if we should change that to "keep any address starting with
 `0.0.0.` and replace everything else with `0.0.0.0`". That way we could
 easily sanitize logs from web servers using different log formats that are
 compliant with Apache's Common Log Format. What do you think?

 Yes, that's what I would choose.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23243#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list