Scroll to navigation

ipv6loganon(8) system tools ipv6loganon(8)

NAME

ipv6loganon - HTTP server log file anonymizer

SYNOPSIS

cat /var/log/httpd/access_log | ipv6loganon [OPTIONS]

DESCRIPTION

This program anonymizes IPv4/IPv6 addresses in HTTP server log files
Takes data from stdin, proceed it to stdout
Depending on the anonymization method, address parts (prefix/interface identifier) are

simply zeroized by given masks

anonymized by zeroizing only required bits (partially depending on given masks)

IID:
EUI-48/64: serial number would be zero'ed, keeping OID
ISATAP: client IPv4 address would be anonymized by given IPv4 mask
TEREDO: client IPv4 address would be anonymized by given IPv4 mask, client port would be zero'ed
6to4(Microsoft): client IPv4 address would be anonymized by given IPv4 mask
local: whole IID would be zero'ed (except if privacy extension was detected, then replaced by a special token)
Prefix:
IPv6 addresses including IPv4 address of client would be anonymized by given IPv4 mask

anonymized by try to keep for IPv4 and IPv6 addresses ( keep-type-asn-cc)

type of address
Autonomous System Number ( ASN)
Country Code ( CC)

This method requires an IPv4/IPv6 to Country Code and ASN resolution, provided by GeoIP

Big advantage: ipv6logstats(8) result should be the same as with raw data

Anonymized IPv4 addresses are from experimental range 240.0.0.0/8
Anonymized IPv6 addresses are using (currently hijacked) prefix a909::/16
Anonymized IPv6 IID is starting with a9x9 (x = anonymized nibbles of SLA)

OPTIONS

General options:
[-d|--debug DEBUGVALUE] : debug value (bitwise like) can also be set by IPV6CALC_DEBUG environment value
[-v|--version [-v [-v]]] : version information (2 optional detail levels)
[-v|--version -h] : explanation of feature tokens
<TP [-V|--verbose] : be more verbose
[-h|--help|-?] : this online help
External database options (depending on compiled-in suppport):
[--db-ip2location-disable ] : IP2Location support disabled
[--db-ip2location-dir DIRECTORY] : IP2Location database directory (default: /usr/share/IP2Location)
[--db-geoip-disable ] : GeoIP support disabled
[--db-geoip-dir DIRECTORY] : GeoIP database directory (default: /usr/share/GeoIP)
Input/output options:
[-w|--write] : write output to file instead of stdout
[-a|--append] : append output to file instead of stdout
[-f|--flush] : flush output after each line
[-V|--verbose] : be verbose
Performance options:
[-n|--nocache] : disable caching
[-c|--cachelimit VALUE] : set cache limit
 

default: 20
 

maximum: 200
Processing options:
Shortcut for anonymization presets:
--anonymize-standard (default)
--anonymize-careful
--anonymize-paranoid
Supported methods [--anonymize-method METHOD]:
anonymize : reliable anonymization, keep as much type information as possible
zeroize : simple zeroizing according to given masks, probably loose type information
keep-type-asn-cc: special reliable anonymization, keep type & Autonomous System Number and CountryCode
Available presets (shortcut names) [--anonymize-preset PRESET-NAME]:
anonymize-standard (as): mask-ipv6= 56 mask-ipv4=24 mask-eui64=40 mask-mac=24 mask-autoadjust=yes method=anonymize
 
anonymize-careful (ac): mask-ipv6= 48 mask-ipv4=20 mask-eui64=24 mask-mac=24 mask-autoadjust=yes method=anonymize
 
anonymize-paranoid (ap): mask-ipv6= 40 mask-ipv4=16 mask-eui64= 0 mask-mac=24 mask-autoadjust=no method=anonymize
 
zeroize-standard (zs): mask-ipv6= 56 mask-ipv4=24 mask-eui64=40 mask-mac=24 mask-autoadjust=yes method=zeroize
 
zeroize-careful (zc): mask-ipv6= 48 mask-ipv4=20 mask-eui64=24 mask-mac=24 mask-autoadjust=yes method=zeroize
 
zeroize-paranoid (zp): mask-ipv6= 40 mask-ipv4=16 mask-eui64= 0 mask-mac=24 mask-autoadjust=no method=zeroize
 
keep-type-asn-cc (kp): mask-ipv6= 56 mask-ipv4=24 mask-eui64=40 mask-mac=24 mask-autoadjust=yes method=keep-type-asn-cc
Custom control:
--mask-ipv4 BITS : mask IPv4 address [0-32] (even if occurs in IPv6 address)
--mask-ipv6 BITS : mask IPv6 prefix [0-64] (only applied to related address types)
--mask-eui64 BITS : mask EUI-64 address or IPv6 interface identifier [0-64]
--mask-mac BITS : mask MAC address [0-48]
--mask-autoadjust yes|no: autoadjust mask to keep type/vendor information regardless of less given mask

EXAMPLES

Original lines (stdin):
207.46.98.53 - - [01/Jan/2007:00:01:15 +0100] "GET /Linux+IPv6-HOWTO/x1112.html HTTP/1.0" 200 6162 "-" "msnbot/1.0 (+http://search.msn.com/msnbot.htm)" 253 6334
2002:52b6:6b01:1:216:17ff:fe01:2345 - - [10/Jan/2007:15:04:28 +0100] "GET /favicon.ico HTTP/1.1" 200 4710 "http://www.bieringer.de/linux/IPv6/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061219 Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9 pango-text" 413 5005
Modified lines (stdout):
207.46.98.0 - - [01/Jan/2007:00:01:15 +0100] "GET /Linux+IPv6-HOWTO/x1112.html HTTP/1.0" 200 6162 "-" "msnbot/1.0 (+http://search.msn.com/msnbot.htm)" 253 6334
2002:52b6:6b00:0:216:17ff:fe00:0 - - [10/Jan/2007:15:04:28 +0100] "GET /favicon.ico HTTP/1.1" 200 4710 "http://www.bieringer.de/linux/IPv6/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061219 Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9 pango-text" 413 5005
Anonymization method: keep-type-asn-cc
echo "1.2.3.4" | ./ipv6loganon --anonymize-preset keep-type-asn-cc
246.24.59.65
echo "2001:a60:1400:1201:221:70ff:fe01:2345" | ./ipv6loganon --anonymize-preset keep-type-asn-cc
a909:16fa:9092:23ff:a909:4291:4022:1708

SEE ALSO

ipv6calc(8), ipv6logstat(8)

REPORTING BUGS

Report bugs to <ipv6calc@lists.deepspace6.net> or to the authors.
 
Homepage: http://www.deepspace6.net/projects/ipv6calc.html

COPYRIGHT

GPLv2

AUTHORS

Peter Bieringer <pb@bieringer.de>
0.97.4 Peter Bieringer <pb@bieringer.de>