GDPR-在Nginx中匿名IP(最后一个八位位组％2 = 0) [英] GDPR - anonymize IP in nginx (last octet %2=0)

问题描述

我已经找到了一些解决方案来对Nginx日志中的IP进行匿名处理-例如对nginx中的IP日志进行匿名化?

I have found some solutions to anonymize IP in nginx log - like this Anonymize IP logging in nginx?

但是这会将IP剥离到C子网.这太多了.在我看来，如果将IP的最后一个八位位组除以2，下限并再乘以2，则我认为GDPR编译器就足够了.因此IP并不准确.

But this will strip IP to C-subnet. Thats too much. For my purposes and GDPR compilant is in my opinion enough if the last octet of IP will be divided by 2, floored and multiplied by 2 to again. So IP will not be exact.

可以在nginx/map中完成.我还没有运气.

Can be done this in nginx / map. I did not have any luck yet.

推荐答案

因此，使用编译的perl，我得到的答案不是纯nginx.

So i have answer, not pure nginx, using compiled perl.

nginx.conf

nginx.conf

load_module /usr/local/libexec/nginx/ngx_http_perl_module.so;

(取决于操作系统-这是在freebsd上)

(depends on OS - this is on freebsd)

在httpd {

perl_set $remote_addr_anon 'sub {

    use POSIX;

    my $r = shift;
    my $str = $r->remote_addr;
    my @ex = split(/\./, $str);

    if ( scalar @ex == 4 ) {

            my $anon_ip = @ex[0] . "." . @ex[1] . "." . @ex[2] . "." . (floor(@ex[3]/2)*2) ;

            return $anon_ip;
    } else {

            return "IPv6"
    }
}'; 

log_format anonymized '$remote_addr_anon - $remote_user [$time_local] ' 
'"$request" $status $body_bytes_sent ' 
'"$http_referer" "$http_user_agent"';

然后在access_log中使用匿名的访问日志格式.

And then use anonymized access log format in access_log.

我不使用IPv6，所以不要在意它.如果您对此进行净化，可以，我对perl并不熟悉.

I dont use IPv6 so dont care about it. If you purify this, you can, I'm not familiar with perl.

这篇关于GDPR-在Nginx中匿名IP(最后一个八位位组％2 = 0)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！