GDPR-在Nginx中匿名IP(最后一个八位位组%2 = 0) [英] GDPR - anonymize IP in nginx (last octet %2=0)
问题描述
我已经找到了一些解决方案来对Nginx日志中的IP进行匿名处理-例如对nginx中的IP日志进行匿名化?
I have found some solutions to anonymize IP in nginx log - like this Anonymize IP logging in nginx?
但是这会将IP剥离到C子网.这太多了.在我看来,如果将IP的最后一个八位位组除以2,下限并再乘以2,则我认为GDPR编译器就足够了.因此IP并不准确.
But this will strip IP to C-subnet. Thats too much. For my purposes and GDPR compilant is in my opinion enough if the last octet of IP will be divided by 2, floored and multiplied by 2 to again. So IP will not be exact.
可以在nginx/map中完成.我还没有运气.
Can be done this in nginx / map. I did not have any luck yet.
推荐答案
因此,使用编译的perl,我得到的答案不是纯nginx.
So i have answer, not pure nginx, using compiled perl.
nginx.conf
nginx.conf
load_module /usr/local/libexec/nginx/ngx_http_perl_module.so;
(取决于操作系统-这是在freebsd上)
(depends on OS - this is on freebsd)
在httpd {
perl_set $remote_addr_anon 'sub {
use POSIX;
my $r = shift;
my $str = $r->remote_addr;
my @ex = split(/\./, $str);
if ( scalar @ex == 4 ) {
my $anon_ip = @ex[0] . "." . @ex[1] . "." . @ex[2] . "." . (floor(@ex[3]/2)*2) ;
return $anon_ip;
} else {
return "IPv6"
}
}';
log_format anonymized '$remote_addr_anon - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
然后在access_log中使用匿名的访问日志格式.
And then use anonymized access log format in access_log.
我不使用IPv6,所以不要在意它.如果您对此进行净化,可以,我对perl并不熟悉.
I dont use IPv6 so dont care about it. If you purify this, you can, I'm not familiar with perl.
这篇关于GDPR-在Nginx中匿名IP(最后一个八位位组%2 = 0)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!