UNLOZE/projects-jenz
11
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

logging generic information about players https requests

Browse Source
This commit is contained in:
jenz 2022-05-01 18:11:11 +02:00
parent 359972f118
commit 2128687809
3 changed files with 232 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
nosteam_verificiation/nginx/nginx.conf Normal file
View File

@ -0,0 +1,132 @@
user nonroot;
worker_processes auto;
worker_cpu_affinity auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 4096;
multi_accept on;
}
http {
##
# Basic Settings
##
charset utf-8;
source_charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
server_name_in_redirect off;
ignore_invalid_headers on;
recursive_error_pages on;
types_hash_max_size 4096;
keepalive_timeout 65;
client_max_body_size 150m;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS_AES_256_GCM_SHA384:TLS-AES-256-GCM-SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_ecdh_curve secp521r1:secp384r1;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_buffer_size 4k;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 60m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s;
resolver_timeout 5s;
include /etc/nginx/mime.types;
default_type application/octet-stream;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_index index.php;
##
# Logging Settings
##
#the nginx file is just uploaded for the purpose of showing what the logging format is
log_format main '[$time_local] $remote_addr ' 'status code: $status body bytes: $body_bytes_sent bytes: $bytes_sent '
'user agent: "$http_user_agent" x forwarded: "$http_x_forwarded_for" request length: $request_length request_time: $request_time' ' request: $request ssl_protocol: $ssl_protocol ssl_cipher: $ssl_cipher';
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
log_not_found off;
##
# Gzip Settings
##
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types application/atom+xml
application/javascript
application/json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/x-httpd-php
application/xhtml+xml
application/xml
application/xml+rss
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/xml;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
#fancyindex_localtime on;
#fancyindex_exact_size off;
#fancyindex_name_length 100;
##
# Cloudflare
##
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
real_ip_header CF-Connecting-IP;
##
# GeoIP
##
geoip_country /usr/share/GeoIP/GeoIP.dat;
##
# Virtual Host Configs
##
include /etc/nginx/sites-enabled/default;
include /etc/nginx/sites/*.conf;
}

90
nosteam_verificiation/python/read_access_logs.py Normal file
View File

@ -0,0 +1,90 @@
#!/home/nonroot/nginx_reader/venv/bin/python3
from settings import get_connection
def main():
motd_accessed = []
with open("/var/log/nginx/access_xenforo.log", "r") as f:
for l in f.readlines():
if 'MOTD.html' in l:
motd_accessed.append(l)
with get_connection() as conn:
with conn.cursor() as cur:
sql_statement = """
CREATE TABLE IF NOT EXISTS
`unloze_anti-spoofing`.requests_info
(
ipv4 varchar(64) not null,
status_code int4,
user_agent varchar(512),
x_forwarded varchar(512),
request_length int4,
request_time int4,
body_bytes_sent varchar(64),
bytes_sent varchar(64),
ssl_protocol varchar(256),
ssl_cipher varchar(256),
inserted_on datetime default now(),
primary key (ipv4)
)
"""
cur.execute(sql_statement)
#print('statement: ', cur.statement)
sql_statement = """
CREATE TABLE IF NOT EXISTS
`unloze_anti-spoofing`.user_agent_history
(
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
ipv4 varchar(64) not null,
user_agent varchar(512),
inserted_on datetime default now(),
FOREIGN KEY (ipv4) REFERENCES requests_info(ipv4)
)
"""
cur.execute(sql_statement)
#print('statement: ', cur.statement)
for d in motd_accessed:
ipv4 = d.split("] ")[1].split(" status")[0]
status_code = d.split("code: ")[1].split(" body")[0]
user_agent = d.split('user agent: "')[1].split('" x ')[0]
x_forwarded = d.split('x forwarded: "')[1].split('" request length:')[0]
request_length = d.split("request length: ")[1].split(" request_time:")[0]
request_time = d.split("request_time: ")[1].split(" content length:")[0]
body_bites = d.split("body bytes: ")[1].split(" bytes:")[0]
bytes_send = d.split("bytes: ")[1].split(" user agent:")[0].strip(" ")
ssl_protocol = d.split("ssl_protocol: ")[1].split(" ssl_cipher:")[0]
ssl_cipher = motd_accessed[0].split("ssl_cipher: ")[1].split("\n")[0]
sql_statement = """
INSERT IGNORE
`unloze_anti-spoofing`.requests_info
(ipv4, status_code, user_agent, x_forwarded, request_length, request_time, body_bytes_sent, bytes_sent,
ssl_protocol, ssl_cipher)
VALUES
(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)
"""
cur.execute(sql_statement, [ipv4, status_code, user_agent, x_forwarded, request_length, request_time, body_bites, bytes_send, ssl_protocol, ssl_cipher])
sql_statement = """
select * from `unloze_anti-spoofing`.user_agent_history
WHERE ipv4 = %s and user_agent
= %s
"""
cur.execute(sql_statement, [ipv4, user_agent])
res = cur.fetchall()
#print('res: ', res)
if not res:
sql_statement = """
INSERT IGNORE
`unloze_anti-spoofing`.user_agent_history
(ipv4, user_agent)
VALUES
(%s, %s)
"""
cur.execute(sql_statement, [ipv4, user_agent])
#print('statement: ', cur.statement)
conn.commit()
conn.close() #not sure if mysql supports with statement clauses or not but does not look like it tbh
if __name__ == '__main__':
main()
print('finished')

10
nosteam_verificiation/systemctl/nginx_collector.service Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=nginx logging collector
[Service]
Type=simple
User=nonroot
WorkingDirectory=/home/nonroot/nginx_reader
Restart=always
RestartSec=5
ExecStart=/home/nonroot/nginx_reader/read_access_logs.py