search

painless-security / trust-router

Moonshot Trust Router
0 stars 0 forks source link

Log the incoming IP address when handling TR request #6

Closed jennifer-richards closed 6 years ago

jennifer-richards commented 6 years ago

In the logs in the trust router, it would be a really good idea to log the remote (incoming) IP address that the request is coming from. Currently I see something like this:

tids_handle_connection: Connection authorized!
tids_read_request():Request Received, 1241 bytes.
tr_tids_req_handler: Request received (conn = 6)! Realm = ov-apc.moonshot.ja.net, Comm = ov-apc.moonshot.ja.net

Ideally I'd like to see something like this:

tids_handle_connection: Connection authorized!
tids_read_request():Request Received from 212.219.179.131, 1241 bytes.
tr_tids_req_handler: Request received (conn = 6)! Realm = ov-apc.moonshot.ja.net, Comm = ov-apc.moonshot.ja.net

That way we know which IP has requested the connection. I don't know if this is possible when you have a proxy in front of the trust router (i.e. the way we do to balance incoming requests), but it would be worth asking Adam?

Launchpad Details: #LP1722349 Stefan Paetow - 2017-10-09 16:39:35 +0000

jennifer-richards commented 6 years ago

Test

Steps

  1. Set up the trust router
  2. Make a TID, TRP, or monitoring connection
  3. Examine the trust router log.

Expected results

There should be a message like 

tr_sock_accept: Incoming connection on fd 17 from 127.0.0.1

for every connection (with the correct IP address for the request source). The fd will vary from run to run.

meadmaker commented 6 years ago

Confirmed!