first try
This commit is contained in:
parent
ce86ce31ed
commit
1fbbc8c3b2
17
etc-cron.daily-anonymize-pafal
Executable file
17
etc-cron.daily-anonymize-pafal
Executable file
@ -0,0 +1,17 @@
|
||||
#!/bin/sh
|
||||
|
||||
# simple cronjob to anonymize IPv4 and IPv6 addresses
|
||||
# in pafakedaccesslog logfile entries
|
||||
# on a Debian GNU/Linux default Apache2 and PHP installation
|
||||
# placed in /etc/cron.daily/ .
|
||||
|
||||
# config
|
||||
readonly LOG="/var/www/html/pafal/faccess.log"
|
||||
|
||||
# ipv4
|
||||
/bin/sed -i -E 's/^([[:digit:]]{1,3}\.)([[:digit:]]{1,3}\.)([^ ]*)(.*)/\1\20.0\4/' "${LOG}"
|
||||
|
||||
# ipv6
|
||||
/bin/sed -i -E 's/^([[:xdigit:]]{1,4}:)([[:xdigit:]]{1,4}:)([[:xdigit:]]{1,4}:)([^ ]*)(.*)/\1\2\3:0\5/' "${LOG}"
|
||||
|
||||
exit 0
|
||||
95
index.php
Normal file
95
index.php
Normal file
@ -0,0 +1,95 @@
|
||||
<?php
|
||||
|
||||
// config
|
||||
$file = "faccess.log";
|
||||
$max = 100;
|
||||
$cron = false;
|
||||
|
||||
ob_start();
|
||||
|
||||
// show content of file
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<html lang='de'>
|
||||
<head>
|
||||
<meta charset='utf-8'>
|
||||
<title>PA | FakedAccessLog</title>
|
||||
<meta content='Patrick Neumann' name='author'>
|
||||
<meta content='1.0' name='version'>
|
||||
<link rel='shortcut icon' type='image/x-icon' href='/favicon.ico'>
|
||||
</head>
|
||||
<body>
|
||||
<h1>P (olizei) A (kademie) | F (aked) <a href='https://httpd.apache.org/docs/2.4/logs.html#combined' target='_blank'>A (ccess) L (og)</a></h1>
|
||||
<pre>
|
||||
<?php
|
||||
|
||||
readfile( $file );
|
||||
|
||||
?>
|
||||
</pre>
|
||||
<p style='font-style:italic;font-size:.8em;'>
|
||||
No access permissions to a "real" access.log are required.
|
||||
- Logrotation with a maximum of 100 entries.
|
||||
<?php if( $cron ) {
|
||||
echo " - Daily anonymization of IPv4 (last 16 bits) and IPv6 (last 80 bits) addresses.";
|
||||
} ?>
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
|
||||
// count size in bytes
|
||||
$size = ob_get_length();
|
||||
|
||||
ob_end_flush();
|
||||
|
||||
// assemble log line
|
||||
$line = $_SERVER[ "REMOTE_ADDR" ];
|
||||
$line .= " ";
|
||||
$line .= "-"; // mod_ident is mostly disabled!
|
||||
$line .= " ";
|
||||
$line .= ( empty( $_SERVER[ "REMOTE_USER" ] ) ) ? "-" : $_SERVER[ "REMOTE_USER" ];
|
||||
$line .= " ";
|
||||
$line .= strftime( "[%d/%b/%Y:%H:%M:%S %z]", $_SERVER[ "REQUEST_TIME" ] );
|
||||
$line .= " \"";
|
||||
$line .= $_SERVER[ "REQUEST_METHOD" ];
|
||||
$line .= " ";
|
||||
$line .= $_SERVER[ "REQUEST_URI" ];
|
||||
$line .= " ";
|
||||
$line .= $_SERVER[ "SERVER_PROTOCOL" ];
|
||||
$line .= "\" ";
|
||||
$line .= http_response_code();
|
||||
$line .= " ";
|
||||
$line .= $size;
|
||||
$line .= " \"";
|
||||
$line .= ( empty( $_SERVER[ "HTTP_REFERER" ] ) ) ? "-" : $_SERVER[ "HTTP_REFERER" ];
|
||||
$line .= "\" \"";
|
||||
$line .= $_SERVER[ "HTTP_USER_AGENT" ];
|
||||
$line .= "\"";
|
||||
$line .= "\n";
|
||||
|
||||
// prepare error message
|
||||
$user = shell_exec( "whoami" );
|
||||
$emsg = "The webserver has no permissions to read and/or write $file.<br>";
|
||||
$emsg .= "How to fix it:<br>";
|
||||
$emsg .= "~# touch $file<br>";
|
||||
$emsg .= "~# chown $user $file<br>";
|
||||
$emsg .= "~# chmod 644 $file";
|
||||
|
||||
// delete oldest log line if max is reached
|
||||
if( $log = file( $file ) ) {
|
||||
if( count( $log ) >= $max ) $log = array_slice( $log, 1 );
|
||||
} else {
|
||||
die( $emsg );
|
||||
}
|
||||
|
||||
// append log line to file
|
||||
$log[] = $line;
|
||||
if( $add = fopen( $file, 'w' ) ) {
|
||||
fwrite( $add, implode( '', $log ) );
|
||||
fclose( $add );
|
||||
} else {
|
||||
die( $emsg );
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
x
Reference in New Issue
Block a user