mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-11-16 02:18:28 -07:00
d2cf3233b8
Merge in DNS/adguard-home from 3890-fix-stats to master
Updates #3890.
Squashed commit of the following:
commit a77a6204bc8a58f62a4fac70efdcae4267a64810
Merge: 834493a2 90e65b66
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 17:22:16 2021 +0300
Merge branch 'master' into 3890-fix-stats
commit 834493a22ae79199efcc44e0715e2ac6f6272963
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 17:09:30 2021 +0300
querylog: load once
commit b8000e7ba7a998fcd4553230ec5e5f9c90106e31
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 16:54:41 2021 +0300
querylog: fix docs
commit 7db99ccfa19b58100950c11d67b23bca7af3e5cb
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 16:51:31 2021 +0300
querylog: imp docs
commit 2a84650bd7ac5195730a7ab47b9562a83f721499
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 15:48:09 2021 +0300
querylog: imp anonyization
commit 0f63feb1ff5f006fc528c3b681ef3b9d2199581e
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 14:44:37 2021 +0300
all: imp code & docs
commit c4ccdcbb7248897edd178fd5cb77127e39ada73d
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 14:24:30 2021 +0300
all: log changes
commit 60bb777a5aff36bba129a078fa11ae566298178a
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Mon Dec 6 14:08:41 2021 +0300
all: use atomic value
commit c45886bd20eee2212b42686ff369830d8c08fe36
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date: Tue Nov 30 18:50:02 2021 +0300
all: anonymize separately
274 lines
7.0 KiB
Go
274 lines
7.0 KiB
Go
package querylog
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"net"
|
|
"net/http"
|
|
"net/url"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/AdguardTeam/golibs/jsonutil"
|
|
"github.com/AdguardTeam/golibs/log"
|
|
"github.com/AdguardTeam/golibs/stringutil"
|
|
"github.com/AdguardTeam/golibs/timeutil"
|
|
"golang.org/x/net/idna"
|
|
)
|
|
|
|
type qlogConfig struct {
|
|
Enabled bool `json:"enabled"`
|
|
// Use float64 here to support fractional numbers and not mess the API
|
|
// users by changing the units.
|
|
Interval float64 `json:"interval"`
|
|
AnonymizeClientIP bool `json:"anonymize_client_ip"`
|
|
}
|
|
|
|
// Register web handlers
|
|
func (l *queryLog) initWeb() {
|
|
l.conf.HTTPRegister(http.MethodGet, "/control/querylog", l.handleQueryLog)
|
|
l.conf.HTTPRegister(http.MethodGet, "/control/querylog_info", l.handleQueryLogInfo)
|
|
l.conf.HTTPRegister(http.MethodPost, "/control/querylog_clear", l.handleQueryLogClear)
|
|
l.conf.HTTPRegister(http.MethodPost, "/control/querylog_config", l.handleQueryLogConfig)
|
|
}
|
|
|
|
func httpError(r *http.Request, w http.ResponseWriter, code int, format string, args ...interface{}) {
|
|
text := fmt.Sprintf(format, args...)
|
|
|
|
log.Info("QueryLog: %s %s: %s", r.Method, r.URL, text)
|
|
|
|
http.Error(w, text, code)
|
|
}
|
|
|
|
func (l *queryLog) handleQueryLog(w http.ResponseWriter, r *http.Request) {
|
|
params, err := l.parseSearchParams(r)
|
|
if err != nil {
|
|
httpError(r, w, http.StatusBadRequest, "failed to parse params: %s", err)
|
|
return
|
|
}
|
|
|
|
// search for the log entries
|
|
entries, oldest := l.search(params)
|
|
|
|
// convert log entries to JSON
|
|
data := l.entriesToJSON(entries, oldest)
|
|
|
|
jsonVal, err := json.Marshal(data)
|
|
if err != nil {
|
|
httpError(r, w, http.StatusInternalServerError, "Couldn't marshal data into json: %s", err)
|
|
return
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_, err = w.Write(jsonVal)
|
|
if err != nil {
|
|
httpError(r, w, http.StatusInternalServerError, "Unable to write response json: %s", err)
|
|
}
|
|
}
|
|
|
|
func (l *queryLog) handleQueryLogClear(_ http.ResponseWriter, _ *http.Request) {
|
|
l.clear()
|
|
}
|
|
|
|
// Get configuration
|
|
func (l *queryLog) handleQueryLogInfo(w http.ResponseWriter, r *http.Request) {
|
|
resp := qlogConfig{}
|
|
resp.Enabled = l.conf.Enabled
|
|
resp.Interval = l.conf.RotationIvl.Hours() / 24
|
|
resp.AnonymizeClientIP = l.conf.AnonymizeClientIP
|
|
|
|
jsonVal, err := json.Marshal(resp)
|
|
if err != nil {
|
|
httpError(r, w, http.StatusInternalServerError, "json encode: %s", err)
|
|
return
|
|
}
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_, err = w.Write(jsonVal)
|
|
if err != nil {
|
|
httpError(r, w, http.StatusInternalServerError, "http write: %s", err)
|
|
}
|
|
}
|
|
|
|
// anonymizeIPSlow masks ip to anonymize the client if the ip is a valid one.
|
|
// It only exists in purposes of benchmark demonstration.
|
|
func anonymizeIPSlow(ip net.IP) {
|
|
if ip4 := ip.To4(); ip4 != nil {
|
|
copy(ip4[net.IPv4len-2:], []byte{0, 0})
|
|
} else if len(ip) == net.IPv6len {
|
|
copy(ip[net.IPv6len-10:], []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0})
|
|
}
|
|
}
|
|
|
|
// AnonymizeIP masks ip to anonymize the client if the ip is a valid one.
|
|
func AnonymizeIP(ip net.IP) {
|
|
// We use an assignment operator here since it compiles into more efficient
|
|
// code than copy(). See BenchmarkAnonymizeIP.
|
|
if ip4 := ip.To4(); ip4 != nil {
|
|
ip4[net.IPv4len-2], ip4[net.IPv4len-1] = 0, 0
|
|
} else if len(ip) == net.IPv6len {
|
|
ip[net.IPv6len-10],
|
|
ip[net.IPv6len-9],
|
|
ip[net.IPv6len-8],
|
|
ip[net.IPv6len-7],
|
|
ip[net.IPv6len-6],
|
|
ip[net.IPv6len-5],
|
|
ip[net.IPv6len-4],
|
|
ip[net.IPv6len-3],
|
|
ip[net.IPv6len-2],
|
|
ip[net.IPv6len-1] =
|
|
0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
|
}
|
|
}
|
|
|
|
// Set configuration
|
|
func (l *queryLog) handleQueryLogConfig(w http.ResponseWriter, r *http.Request) {
|
|
d := &qlogConfig{}
|
|
req, err := jsonutil.DecodeObject(d, r.Body)
|
|
if err != nil {
|
|
httpError(r, w, http.StatusBadRequest, "%s", err)
|
|
return
|
|
}
|
|
|
|
ivl := time.Duration(float64(timeutil.Day) * d.Interval)
|
|
if req.Exists("interval") && !checkInterval(ivl) {
|
|
httpError(r, w, http.StatusBadRequest, "Unsupported interval")
|
|
return
|
|
}
|
|
|
|
defer l.conf.ConfigModified()
|
|
|
|
l.lock.Lock()
|
|
defer l.lock.Unlock()
|
|
|
|
// Copy data, modify it, then activate. Other threads (readers) don't need
|
|
// to use this lock.
|
|
conf := *l.conf
|
|
if req.Exists("enabled") {
|
|
conf.Enabled = d.Enabled
|
|
}
|
|
if req.Exists("interval") {
|
|
conf.RotationIvl = ivl
|
|
}
|
|
if req.Exists("anonymize_client_ip") {
|
|
if conf.AnonymizeClientIP = d.AnonymizeClientIP; conf.AnonymizeClientIP {
|
|
l.anonymizer.Store(AnonymizeIP)
|
|
} else {
|
|
l.anonymizer.Store(nil)
|
|
}
|
|
}
|
|
l.conf = &conf
|
|
}
|
|
|
|
// "value" -> value, return TRUE
|
|
func getDoubleQuotesEnclosedValue(s *string) bool {
|
|
t := *s
|
|
if len(t) >= 2 && t[0] == '"' && t[len(t)-1] == '"' {
|
|
*s = t[1 : len(t)-1]
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
// parseSearchCriterion parses a search criterion from the query parameter.
|
|
func (l *queryLog) parseSearchCriterion(q url.Values, name string, ct criterionType) (
|
|
ok bool,
|
|
sc searchCriterion,
|
|
err error,
|
|
) {
|
|
val := q.Get(name)
|
|
if val == "" {
|
|
return false, sc, nil
|
|
}
|
|
|
|
strict := getDoubleQuotesEnclosedValue(&val)
|
|
|
|
var asciiVal string
|
|
switch ct {
|
|
case ctTerm:
|
|
// Decode lowercased value from punycode to make EqualFold and
|
|
// friends work properly with IDNAs.
|
|
//
|
|
// TODO(e.burkov): Make it work with parts of IDNAs somehow.
|
|
loweredVal := strings.ToLower(val)
|
|
if asciiVal, err = idna.ToASCII(loweredVal); err != nil {
|
|
log.Debug("can't convert %q to ascii: %s", val, err)
|
|
} else if asciiVal == loweredVal {
|
|
// Purge asciiVal to prevent checking the same value
|
|
// twice.
|
|
asciiVal = ""
|
|
}
|
|
case ctFilteringStatus:
|
|
if !stringutil.InSlice(filteringStatusValues, val) {
|
|
return false, sc, fmt.Errorf("invalid value %s", val)
|
|
}
|
|
default:
|
|
return false, sc, fmt.Errorf(
|
|
"invalid criterion type %v: should be one of %v",
|
|
ct,
|
|
[]criterionType{ctTerm, ctFilteringStatus},
|
|
)
|
|
}
|
|
|
|
sc = searchCriterion{
|
|
criterionType: ct,
|
|
value: val,
|
|
asciiVal: asciiVal,
|
|
strict: strict,
|
|
}
|
|
|
|
return true, sc, nil
|
|
}
|
|
|
|
// parseSearchParams - parses "searchParams" from the HTTP request's query string
|
|
func (l *queryLog) parseSearchParams(r *http.Request) (p *searchParams, err error) {
|
|
p = newSearchParams()
|
|
|
|
q := r.URL.Query()
|
|
olderThan := q.Get("older_than")
|
|
if len(olderThan) != 0 {
|
|
p.olderThan, err = time.Parse(time.RFC3339Nano, olderThan)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
var limit64 int64
|
|
if limit64, err = strconv.ParseInt(q.Get("limit"), 10, 64); err == nil {
|
|
p.limit = int(limit64)
|
|
}
|
|
|
|
var offset64 int64
|
|
if offset64, err = strconv.ParseInt(q.Get("offset"), 10, 64); err == nil {
|
|
p.offset = int(offset64)
|
|
|
|
// If we don't use "olderThan" and use offset/limit instead, we should change the default behavior
|
|
// and scan all log records until we found enough log entries
|
|
p.maxFileScanEntries = 0
|
|
}
|
|
|
|
for _, v := range []struct {
|
|
urlField string
|
|
ct criterionType
|
|
}{{
|
|
urlField: "search",
|
|
ct: ctTerm,
|
|
}, {
|
|
urlField: "response_status",
|
|
ct: ctFilteringStatus,
|
|
}} {
|
|
var ok bool
|
|
var c searchCriterion
|
|
ok, c, err = l.parseSearchCriterion(q, v.urlField, v.ct)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if ok {
|
|
p.searchCriteria = append(p.searchCriteria, c)
|
|
}
|
|
}
|
|
|
|
return p, nil
|
|
}
|