search

gin-gonic / gin

Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.
https://gin-gonic.com/
MIT License
78.57k stars 8.01k forks source link

How do you hide "TLS handshake errors" messages? #3998

Closed YamiOdymel closed 4 months ago

YamiOdymel commented 4 months ago

The Gin server outputs lots of TLS handshake error

I know they are spambots poking my server without a valid TLS handshake, so I'd like to hide them all.

2024/06/17 08:50:31 http: TLS handshake error from 172.71.89.130:54475: EOF
2024/06/17 08:50:31 http: TLS handshake error from 172.70.117.136:27321: EOF
2024/06/17 08:50:31 http: TLS handshake error from 172.68.179.136:38115: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.131.137:16821: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.70.117.136:24033: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.179.136:60447: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.131.137:35943: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.70.117.136:56927: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.179.136:60613: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.131.137:44503: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.70.117.136:62961: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.179.136:13099: EOF
2024/06/17 08:50:33 http: TLS handshake error from 172.68.131.137:51455: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:46337: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:63435: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:48471: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.241.143:20131: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:18751: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:44493: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.241.143:28467: EOF
2024/06/17 08:50:36 http: TLS handshake error from 172.69.241.143:22753: EOF
2024/06/17 08:50:36 http: TLS handshake error from 172.69.241.143:37185: EOF
2024/06/17 08:50:36 http: TLS handshake error from 172.69.241.143:41773: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.114.136:23619: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.223.140:44507: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.114.136:48173: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.223.140:17731: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.114.136:27501: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.223.140:63737: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.114.136:40807: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.223.140:13027: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.114.136:59277: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.223.140:29263: EOF
2024/06/17 08:50:42 http: TLS handshake error from 172.70.154.135:61419: EOF
2024/06/17 08:50:42 http: TLS handshake error from 172.70.154.135:9307: EOF
2024/06/17 08:50:42 http: TLS handshake error from 172.70.154.135:45959: EOF
2024/06/17 08:50:43 http: TLS handshake error from 172.70.154.135:18881: EOF
YamiOdymel commented 4 months ago

nvm I think I got the solution:

Custom HTTP configuration

net/http: do not log error in http.Server for TCP probes

func main() {
    h := gin.Default()

    server:= &http.Server{
        Addr:           ":8080",
        Handler:        h,
        ReadTimeout:    30 * time.Second,
        WriteTimeout:   30 * time.Second,
        MaxHeaderBytes: 1 << 20,
        ErrorLog:       httpLogger(),
    }

    server.ListenAndServeTLS("cert.pem", "key.pem")
}

func httpLogger() *log.Logger {
    pr, pw := io.Pipe()
    logger := log.New(pw, "http: ", log.LstdFlags|log.Lmsgprefix|log.Lmicroseconds)
    scanner := bufio.NewScanner(pr)
    go func() {
        for scanner.Scan() {
            go func(line string) {
                if !strings.HasSuffix(line, ": EOF") {
                    fmt.Fprintln(os.Stdout, line)
                }
            }(scanner.Text())
        }
        fmt.Fprintln(os.Stdout, "log scanner stopped:", scanner.Err())
    }()
    return logger
}
AlexanderYastrebov commented 2 months ago

Logger interface guarantees single write per log message so you don't need go routine and a scanner, see https://github.com/golang/go/issues/26918#issuecomment-974257205