From 969475431242db68e95a282f3c9558033e5b104c Mon Sep 17 00:00:00 2001 From: Abel Luck Date: Wed, 14 Feb 2018 12:56:36 +0200 Subject: [PATCH] Add server option to disable logging of client ips fixes #265 --- cmd/shadowsocks-server/server.go | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/cmd/shadowsocks-server/server.go b/cmd/shadowsocks-server/server.go index 0477b67b..49647686 100644 --- a/cmd/shadowsocks-server/server.go +++ b/cmd/shadowsocks-server/server.go @@ -37,6 +37,7 @@ const ( ) var debug ss.DebugLog +var sanitizeIps bool var udp bool func getRequest(conn *ss.Conn, auth bool) (host string, ota bool, err error) { @@ -108,6 +109,14 @@ const logCntDelta = 100 var connCnt int var nextLogConnCnt int = logCntDelta +func sanitizeAddr(addr net.Addr) string { + if sanitizeIps { + return "x.x.x.x:zzzz" + } else { + return addr.String() + } +} + func handleConnection(conn *ss.Conn, auth bool) { var host string @@ -123,12 +132,12 @@ func handleConnection(conn *ss.Conn, auth bool) { // function arguments are always evaluated, so surround debug statement // with if statement if debug { - debug.Printf("new client %s->%s\n", conn.RemoteAddr().String(), conn.LocalAddr()) + debug.Printf("new client %s->%s\n", sanitizeAddr(conn.RemoteAddr()), conn.LocalAddr()) } closed := false defer func() { if debug { - debug.Printf("closed pipe %s<->%s\n", conn.RemoteAddr(), host) + debug.Printf("closed pipe %s<->%s\n", sanitizeAddr(conn.RemoteAddr()), host) } connCnt-- if !closed { @@ -138,7 +147,7 @@ func handleConnection(conn *ss.Conn, auth bool) { host, ota, err := getRequest(conn, auth) if err != nil { - log.Println("error getting request", conn.RemoteAddr(), conn.LocalAddr(), err) + log.Println("error getting request", sanitizeAddr(conn.RemoteAddr()), conn.LocalAddr(), err) closed = true return } @@ -166,7 +175,7 @@ func handleConnection(conn *ss.Conn, auth bool) { } }() if debug { - debug.Printf("piping %s<->%s ota=%v connOta=%v", conn.RemoteAddr(), host, ota, conn.IsOta()) + debug.Printf("piping %s<->%s ota=%v connOta=%v", sanitizeAddr(conn.RemoteAddr()), host, ota, conn.IsOta()) } if ota { go ss.PipeThenCloseOta(conn, remote) @@ -404,6 +413,7 @@ func main() { flag.StringVar(&cmdConfig.Method, "m", "", "encryption method, default: aes-256-cfb") flag.IntVar(&core, "core", 0, "maximum number of CPU cores to use, default is determinied by Go runtime") flag.BoolVar((*bool)(&debug), "d", false, "print debug message") + flag.BoolVar((*bool)(&sanitizeIps), "noip-log", false, "suppress client ip addresses in all output") flag.BoolVar(&udp, "u", false, "UDP Relay") flag.Parse()