SYNOPSIS

cat /var/log/httpd/access_log | ipv6loganon [OPTIONS]

DESCRIPTION

This program anonymizes IPv4/IPv6 addresses in HTTP server log files

Takes data from stdin, proceed it to stdout

Depending on the anonymization method, address parts (prefix/interface identifier) are

  simply zeroized by given masks
  anonymized by zeroizing only required bits (partially depending on given masks)
    IID:
      EUI-48/64: serial number would be zero'ed, keeping OID
      ISATAP:    client IPv4 address would be anonymized by given IPv4 mask
      TEREDO:    client IPv4 address would be anonymized by given IPv4 mask, client port would be zero'ed
      6to4(Microsoft): client IPv4 address would be anonymized by given IPv4 mask
      local: whole IID would be zero'ed (except if privacy extension was detected, then replaced by a special token)
    Prefix:
      IPv6 addresses including IPv4 address of client would be anonymized by given IPv4 mask
  anonymized by try to keep for IPv4 and IPv6 addresses (keep-type-asn-cc)
    type of address
    Autonomous System Number (ASN)
    Country Code (CC)
    This method requires an IPv4/IPv6 to Country Code and ASN resolution, provided by GeoIP
    Big advantage: ipv6logstats(8) result should be the same as with raw data
    Anonymized IPv4 addresses are from experimental range 240.0.0.0/8
    Anonymized IPv6 addresses are using (currently hijacked) prefix a909::/16
    Anonymized IPv6 IID is starting with a9x9 (x = anonymized nibbles of SLA)

OPTIONS

General options:

[-d|--debug DEBUGVALUE] : debug value (bitwise like) can also be set by IPV6CALC_DEBUG environment value

[-v|--version [-v [-v]]] : version information (2 optional detail levels)

[-v|--version -h] : explanation of feature tokens

<TP [-V|--verbose] : be more verbose

[-h|--help|-?] : this online help

External database options (depending on compiled-in suppport):

[--db-ip2location-disable ] : IP2Location support disabled

[--db-ip2location-dir DIRECTORY] : IP2Location database directory (default: /usr/share/IP2Location)

[--db-geoip-disable ] : GeoIP support disabled

[--db-geoip-dir DIRECTORY] : GeoIP database directory (default: /usr/share/GeoIP)

Input/output options:

[-w|--write] : write output to file instead of stdout

[-a|--append] : append output to file instead of stdout

[-f|--flush] : flush output after each line

[-V|--verbose] : be verbose

Performance options:

[-n|--nocache] : disable caching

[-c|--cachelimit VALUE] : set cache limit

                      default: 20
                      maximum: 200

Processing options:

Shortcut for anonymization presets:

--anonymize-standard (default)

--anonymize-careful

--anonymize-paranoid

Supported methods [--anonymize-method METHOD]:

anonymize : reliable anonymization, keep as much type information as possible

zeroize : simple zeroizing according to given masks, probably loose type information

keep-type-asn-cc: special reliable anonymization, keep type & Autonomous System Number and CountryCode

Available presets (shortcut names) [--anonymize-preset PRESET-NAME]:

anonymize-standard (as): mask-ipv6= 56 mask-ipv4=24 mask-eui64=40 mask-mac=24 mask-autoadjust=yes method=anonymize

anonymize-careful (ac): mask-ipv6= 48 mask-ipv4=20 mask-eui64=24 mask-mac=24 mask-autoadjust=yes method=anonymize

anonymize-paranoid (ap): mask-ipv6= 40 mask-ipv4=16 mask-eui64= 0 mask-mac=24 mask-autoadjust=no method=anonymize

zeroize-standard (zs): mask-ipv6= 56 mask-ipv4=24 mask-eui64=40 mask-mac=24 mask-autoadjust=yes method=zeroize

zeroize-careful (zc): mask-ipv6= 48 mask-ipv4=20 mask-eui64=24 mask-mac=24 mask-autoadjust=yes method=zeroize

zeroize-paranoid (zp): mask-ipv6= 40 mask-ipv4=16 mask-eui64= 0 mask-mac=24 mask-autoadjust=no method=zeroize

keep-type-asn-cc (kp): mask-ipv6= 56 mask-ipv4=24 mask-eui64=40 mask-mac=24 mask-autoadjust=yes method=keep-type-asn-cc

Custom control:

--mask-ipv4 BITS : mask IPv4 address [0-32] (even if occurs in IPv6 address)

--mask-ipv6 BITS : mask IPv6 prefix [0-64] (only applied to related address types)

--mask-eui64 BITS : mask EUI-64 address or IPv6 interface identifier [0-64]

--mask-mac BITS : mask MAC address [0-48]

--mask-autoadjust yes|no: autoadjust mask to keep type/vendor information regardless of less given mask

EXAMPLES

Original lines (stdin):

207.46.98.53 - - [01/Jan/2007:00:01:15 +0100] "GET /Linux+IPv6-HOWTO/x1112.html HTTP/1.0" 200 6162 "-" "msnbot/1.0 (+http://search.msn.com/msnbot.htm)" 253 6334

2002:52b6:6b01:1:216:17ff:fe01:2345 - - [10/Jan/2007:15:04:28 +0100] "GET /favicon.ico HTTP/1.1" 200 4710 "http://www.bieringer.de/linux/IPv6/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061219 Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9 pango-text" 413 5005

Modified lines (stdout):

207.46.98.0 - - [01/Jan/2007:00:01:15 +0100] "GET /Linux+IPv6-HOWTO/x1112.html HTTP/1.0" 200 6162 "-" "msnbot/1.0 (+http://search.msn.com/msnbot.htm)" 253 6334

2002:52b6:6b00:0:216:17ff:fe00:0 - - [10/Jan/2007:15:04:28 +0100] "GET /favicon.ico HTTP/1.1" 200 4710 "http://www.bieringer.de/linux/IPv6/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061219 Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9 pango-text" 413 5005

Anonymization method: keep-type-asn-cc

echo "1.2.3.4" | ./ipv6loganon --anonymize-preset keep-type-asn-cc

246.24.59.65

echo "2001:a60:1400:1201:221:70ff:fe01:2345" | ./ipv6loganon --anonymize-preset keep-type-asn-cc

a909:16fa:9092:23ff:a909:4291:4022:1708

RELATED TO ipv6loganon…

ipv6calc(8), ipv6logstat(8)

REPORTING BUGS

Report bugs to <[email protected]> or to the authors.

Homepage: http://www.deepspace6.net/projects/ipv6calc.html

COPYRIGHT

GPLv2

AUTHORS

Peter Bieringer <[email protected]>