Skip to content

Feature/sensitive ip #6132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
317787106 wants to merge 4 commits into from
Closed

Feature/sensitive ip #6132

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a8ea721
initial commit
317787106 Nov 13, 2024
a31763e
revise if sensitiveCache is empty
317787106 Nov 13, 2024
a154dcb
ignore / of address
317787106 Nov 13, 2024
7bd057d
replace unknown ip with string IP
317787106 Nov 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions framework/src/main/java/org/tron/common/logsfilter/DesensitizedConverter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
package org.tron.common.logsfilter;

import ch.qos.logback.classic.pattern.ClassicConverter;
import ch.qos.logback.classic.spi.ILoggingEvent;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import lombok.extern.slf4j.Slf4j;
import org.tron.core.config.args.Args;

@Slf4j(topic = "Parser")
public class DesensitizedConverter extends ClassicConverter {

private static final int SENSITIVE_WORD_SIZE = 1_000;

private static final Pattern pattern = Pattern.compile(
"(((25[0-5]|2[0-4]\\d|((1\\d{2})|([1-9]?\\d)))\\.){3}(25[0-5]|2[0-4]\\d|((1\\d{2})|"
+ "([1-9]?\\d))))");

private static final Cache<String, String> sensitiveCache = CacheBuilder.newBuilder()
.maximumSize(SENSITIVE_WORD_SIZE)
.recordStats().build();

public static void addSensitive(String key, String value) {
sensitiveCache.put(key, value);
}

private String desensitization(String content) {
Matcher matcher = pattern.matcher(content);
while (matcher.find()) {
String key = matcher.group();
String value = sensitiveCache.getIfPresent(key);
if (value != null) {
content = content.replaceAll(key, value);
} else {
content = content.replaceAll(key, "IP");
}
}

return content;
}

@Override
public String convert(ILoggingEvent iLoggingEvent) {
String source = iLoggingEvent.getFormattedMessage();
return Args.getInstance().isFastForward() ? desensitization(source) : source;
}
}
7 changes: 7 additions & 0 deletions framework/src/main/java/org/tron/core/net/service/relay/RelayService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,11 @@
import org.tron.common.crypto.SignInterface;
import org.tron.common.crypto.SignUtils;
import org.tron.common.es.ExecutorServiceManager;
import org.tron.common.logsfilter.DesensitizedConverter;
import org.tron.common.parameter.CommonParameter;
import org.tron.common.utils.ByteArray;
import org.tron.common.utils.ByteUtil;
import org.tron.common.utils.DecodeUtil;
import org.tron.common.utils.Sha256Hash;
import org.tron.core.ChainBaseManager;
import org.tron.core.capsule.TransactionCapsule;
Expand Down Expand Up @@ -156,6 +159,10 @@ public boolean checkHelloMessage(HelloMessage message, Channel channel) {
}
if (flag) {
TronNetService.getP2pConfig().getTrustNodes().add(channel.getInetAddress());
byte[] addressByte = ByteUtil.merge(new byte[] {DecodeUtil.addressPreFixByte},
msg.getAddress().toByteArray());
DesensitizedConverter.addSensitive(channel.getInetAddress().toString().substring(1),
ByteArray.toHexString(addressByte));
}
return flag;
} catch (Exception e) {
Expand Down
2 changes: 2 additions & 0 deletions framework/src/main/resources/logback.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@

<!-- Be sure to flush latest logs on exit -->
<shutdownHook class="org.tron.core.config.TronLogShutdownHook"/>
<conversionRule conversionWord="m"
converterClass="org.tron.common.logsfilter.DesensitizedConverter"/>

<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
Expand Down
31 changes: 31 additions & 0 deletions framework/src/test/java/org/tron/common/logsfilter/DesensitizedConverterTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
package org.tron.common.logsfilter;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import org.junit.Assert;
import org.junit.Test;

public class DesensitizedConverterTest {

@Test
public void testReplace()
throws NoSuchMethodException, InvocationTargetException, IllegalAccessException {
DesensitizedConverter converter = new DesensitizedConverter();
DesensitizedConverter.addSensitive("192.168.1.10", "address1");
DesensitizedConverter.addSensitive("197.168.1.10", "address2");

Method method = converter.getClass().getDeclaredMethod(
"desensitization", String.class);
method.setAccessible(true);

String logStr1 = "This is test log /192.168.1.10:100, /197.168.1.10:200, /197.168.1.10:100";
String result1 = (String) method.invoke(converter, logStr1);
Assert.assertEquals("This is test log /address1:100, /address2:200, /address2:100",
result1);

String logStr2 = "This is test log /192.168.1.100:100, /197.168.1.10:200, /197.168.1.10:100";
String result2 = (String) method.invoke(converter, logStr2);
Assert.assertEquals("This is test log /IP:100, /address2:200, /address2:100",
result2);
}
}
Loading