[PATCH 1 of 2] HTTP: Add client source port to any error that is logged
Maxim Dounin
mdounin at mdounin.ru
Thu Apr 24 18:26:07 UTC 2014
Hello!
On Thu, Apr 24, 2014 at 11:06:29AM -0700, Quanah Gibson-Mount wrote:
>
>
> --On April 24, 2014 at 9:56:48 PM +0400 Maxim Dounin <mdounin at mdounin.ru>
> wrote:
>
> >>$remote_port in the log format section only covers errors logged to the
> >>access log, it does not cover errors in the error log. The submitted
> >>patch handles the error log.
> >
> >I understand the difference, thank you.
> >
> >The ticket in question only talked about error_log in context of
> >mail module, where is no separate access logging to meet the
> >alleged regulations.
>
> Yes, that is true, but why only implement a partial solution? With CGN,
> only logging the IP is fairly useless in all cases. To truly get useful
> information going forward, the IP + PORT of the client should logged in all
> cases.
Access log certainly can be configured to provide enough
enformation to match any given error log message to a port if
needed. There is no need to implement anything, solution is
already here.
And, by asking about "why implement a partical solution" you are
overlooking the fact that proposed solution is partial as well -
it doesn't change c->addr_text to ensure proper logging in all
places (this would be a bad idea for other reasons, but it's
another question), but rather tries to hack on the http error
logging code to introduce remote port logging. This is far from
being a complete solution.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list