outline-ss-server
outline-ss-server copied to clipboard
Jigsaw-Code
Log IP addresses of connecting devices per key to protect against abuse
Some of my users dos/ddos externals servers through VPN. and the datacenter sends me a abuse email. How can I find access key id by IP ? is there logs about this ? I would like to log the IP addresses of connecting devices per key. any solution ?
For example :
| Time | Key ID | IP |
|---|---|---|
| 2023/04/30 10:13:16 | 3 | 144.8.252.162 |
| 2023/04/30 11:34:56 | 3 | 45.19.146.148 |
| 2023/04/30 14:54:06 | 2 | 220.126.224.116 |
| 2023/04/30 21:04:25 | 10 | 63.235.39.34 |
https://github.com/Jigsaw-Code/outline-ss-server/blob/v1.7.0/service/tcp.go#L90
You can put cipherEntry.ID and netip.Addr into INFO log.
func findAccessKey(...) {
...
slog.LogAttrs(nil, slog.LevelInfo, "TCP: Found client.", slog.String("ID", entry.ID), slog.String("IP", clientIP.String()))
...
}
$ docker run --rm -it -v $PWD:/tmp golang:1.21
>>> go install github.com/Jigsaw-Code/outline-ss-server/cmd/[email protected]
>>> cd /go/pkg/mod/github.com/\!jigsaw-\!code/[email protected]/cmd/outline-ss-server
>>> sed -i '90s@^@\tslog.LogAttrs(nil, slog.LevelInfo, "TCP: Found client.", slog.String("ID", entry.ID), slog.String("IP", clientIP.String()))@' ../../service/tcp.go
>>> CGO_ENABLED=0 go build -ldflags="-X 'main.version=1.7.0-dev'" -o outline-ss-server
>>> strip outline-ss-server
>>> ./outline-ss-server -version
>>> mv outline-ss-server /tmp
>>> exit
$ ./outline-ss-server -version
outline-ss-server_1.7.0-dev_linux_x86_64.gz
