You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Ognjen Blagojevic <og...@gmail.com> on 2011/07/11 18:55:13 UTC
Use canonical IPv6 text representation in logs
Hi,
In AccessLogValve and on other places where IPv6 address is logged or
printed, it would bi good if Tomcat would use canonical IPv6 format as
described in RFC 5952 [1] (especially note section "3.2.2. Logging"), e.g:
1. instead of logging 2001:4000:0:5:0:0:0:66, it should log
2001:4000:0:5::66,
2. instead of logging 0:0:0:0:0:0:0:1, it should log ::1.
What do you think about that?
Class Inet6Address method getHostAddress confirms to RFC
recommendations, in everything except in zero groups handling. It simply
prints full form with all zeroes. In Java API I don't see any method to
convert it to canonical form.
I wrote small utility that converts Inet6Address object into canonical
representation. Are you interested in such contribution? Should it be
contributed directly to Tomcat code, or maybe offered to Jakarta Commons
project (Codec or Net component)? If it is contributed to Jakarta
Commons project, would it be a problem to use it in Tomcat, because of
new dependency? Net component seems to be quite big (all kind of
protocol implementations), while Codec contains only small number of
conversion classes, so if it is contributed to commons, is Codec
component better choice?
Regards,
Ognjen
[1] http://tools.ietf.org/html/rfc5952
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: Use canonical IPv6 text representation in logs
Posted by Ognjen Blagojevic <og...@gmail.com>.
On 11.7.2011 20:57, Konstantin Kolinko wrote:
> I wonder how Apache HTTPD server handles IP6 addresses.
Out-of-the-box, without any specific configuration, my httpd 2.2.3
installation on CentOS 5.6, seems to use canonized text representation.
Here is the log excerpt, slightly obfuscated:
====
2001:aaaa:0:a::aa - - [11/Jul/2011:22:32:03 +0200] "GET /aaa/aaa.css
HTTP/1.1" 304 - "http://aaa.example.com/aaa/aaa.aaa" "Mozilla/5.0
(Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"
----
So does Linux:
====
login as: root
root@aaa's password:
Last login: Wed Jul 6 14:17:27 2011 from 2001:aaaa:0:a::aa
[root@aaa ~]# host aaa
aaa.example.com has address 123.12.1.123
aaa.example.com has IPv6 address 2001:aaaa:0:aa::aaa
----
...and Windows XP:
====
C:\Documents and Settings\ognjen>netstat -na
Active Connections
Proto Local Address Foreign Address State
(snip)
TCP [2001:aaaa:0:a::aa]:2276 [2001:aaaa:0:aa::aaa]:22
ESTABLISHED 0
----
>> 2. AccessLogValve system property (-D...)
>> 3. Global Tomcat XML parameter?
>> 4. Global Tomcat system property?
>
> I do not like 2.,3. or 4.
I understand, but then we should add similar parameter to every other
filter/valve/logger that could use IPv6 addresses, right?
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: Use canonical IPv6 text representation in logs
Posted by Konstantin Kolinko <kn...@gmail.com>.
2011/7/11 Ognjen Blagojevic <og...@gmail.com>:
>
>> (or provide a configuration option).
>
> That is also possibility. What would be good place to configure:
>
> 1. AccessLogValve XML parameter?
AccessLovValve property
(and thus it automatically becomes settable through XML, and after
additional configuration through JMX as well),
or additional % parameter in the pattern.
I wonder how Apache HTTPD server handles IP6 addresses.
http://httpd.apache.org/docs/current/mod/mod_log_config.html#formats
says nothing
> 2. AccessLogValve system property (-D...)
> 3. Global Tomcat XML parameter?
> 4. Global Tomcat system property?
I do not like 2.,3. or 4.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: Use canonical IPv6 text representation in logs
Posted by Ognjen Blagojevic <og...@gmail.com>.
Konstantin,
> 1. One should really ask system administrators what they prefer
What would be the right place to do that? User list, maybe? I assume at
least some of Tomcat developers are also involved in system
administration, so I hope they will state their opinion here.
> (or provide a configuration option).
That is also possibility. What would be good place to configure:
1. AccessLogValve XML parameter?
2. AccessLogValve system property (-D...)
3. Global Tomcat XML parameter?
4. Global Tomcat system property?
> Personally I would prefer the full address, as I think it is easier
> when all is data is visible, and it is easier to search or filter.
I thought that at first, but after looking IPv6 addresses in log files
for some time, I changed my mind. Shorter means easier to read, and
easier to search... if there are no ambiguities.
> If there are several sequences of zeros, only one of them can be
> collapsed. This introduces ambiguity when trying to specify a search
> filter.
Actually, mentioned RFC resolves all ambiguities:
====
When there is an alternative choice in the placement of a "::", the
longest run of consecutive 16-bit 0 fields MUST be shortened (i.e.,
the sequence with three consecutive zero fields is shortened in 2001:
0:0:1:0:0:0:1). When the length of the consecutive 16-bit 0 fields
are equal (i.e., 2001:db8:0:0:1:0:0:1), the first sequence of zero
bits MUST be shortened. For example, 2001:db8::1:0:0:1 is correct
representation.
----
> 2. If you want to contribute, please create a bugzilla entry, mark it
> as an enhancement.
Ok, I created:
https://issues.apache.org/bugzilla/show_bug.cgi?id=51497
> The class may go into org.apache.tomcat.util.net. I would prefer to
> see some JUnit tests together with the class.
Of course, I have JUnit for all the examples in the RFC.
> 3. Regarding Apache Commons: you can ask on their mailing lists.
...
> As thus, your contribution to Tomcat can be independent from Commons.
Ok, let's see first if it works for Tomcat.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: Use canonical IPv6 text representation in logs
Posted by Konstantin Kolinko <kn...@gmail.com>.
2011/7/11 Ognjen Blagojevic <og...@gmail.com>:
> Hi,
>
> In AccessLogValve and on other places where IPv6 address is logged or
> printed, it would bi good if Tomcat would use canonical IPv6 format as
> described in RFC 5952 [1] (especially note section "3.2.2. Logging"), e.g:
>
> 1. instead of logging 2001:4000:0:5:0:0:0:66, it should log
> 2001:4000:0:5::66,
> 2. instead of logging 0:0:0:0:0:0:0:1, it should log ::1.
>
> What do you think about that?
>
>
> Class Inet6Address method getHostAddress confirms to RFC recommendations, in
> everything except in zero groups handling. It simply prints full form with
> all zeroes. In Java API I don't see any method to convert it to canonical
> form.
>
> I wrote small utility that converts Inet6Address object into canonical
> representation. Are you interested in such contribution? Should it be
> contributed directly to Tomcat code, or maybe offered to Jakarta Commons
> project (Codec or Net component)? If it is contributed to Jakarta Commons
> project, would it be a problem to use it in Tomcat, because of new
> dependency? Net component seems to be quite big (all kind of protocol
> implementations), while Codec contains only small number of conversion
> classes, so if it is contributed to commons, is Codec component better
> choice?
>
> Regards,
> Ognjen
>
> [1] http://tools.ietf.org/html/rfc5952
1. One should really ask system administrators what they prefer
(or provide a configuration option).
Personally I would prefer the full address, as I think it is easier
when all is data is visible, and it is easier to search or filter.
If there are several sequences of zeros, only one of them can be
collapsed. This introduces ambiguity when trying to specify a search
filter.
2. If you want to contribute, please create a bugzilla entry, mark it
as an enhancement.
The class may go into org.apache.tomcat.util.net. I would prefer to
see some JUnit tests together with the class.
3. Regarding Apache Commons: you can ask on their mailing lists.
When Tomcat uses some code from Apache Commons we always rename it
into different package, to avoid conflicts with the same libraries
used by web applications.
There are two approaches
a) it is copied into our source tree - such are Commons FileUpload,
Commons Digester, Commons Modeler and Apache BCEL.
b) original sources are processed through renaming filter and
recompiled when Tomcat builds - such are Commons Logging, Commons Pool
and Commons DBCP.
As thus, your contribution to Tomcat can be independent from Commons.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org