From 8260746fe105a8ee9e61bce927713e486d1b9962 Mon Sep 17 00:00:00 2001 From: bunkerity Date: Wed, 19 May 2021 11:11:18 +0200 Subject: [PATCH] logs/lua - add logger tool --- confs/global/api-temp.conf | 5 ++-- confs/global/api.conf | 5 ++-- confs/global/init-lua.conf | 5 ++-- confs/site/antibot-captcha.conf | 10 ++++--- confs/site/antibot-javascript.conf | 10 ++++--- confs/site/antibot-recaptcha.conf | 10 ++++--- confs/site/main-lua.conf | 44 ++++++++++++++++-------------- lua/behavior.lua | 9 +++--- lua/blacklist.lua | 5 ++-- lua/dataloader.lua | 13 +++++---- lua/dnsbl.lua | 3 +- lua/logger.lua | 8 ++++++ lua/whitelist.lua | 11 ++++---- 13 files changed, 81 insertions(+), 57 deletions(-) create mode 100644 lua/logger.lua diff --git a/confs/global/api-temp.conf b/confs/global/api-temp.conf index a68ca55..1dd21aa 100644 --- a/confs/global/api-temp.conf +++ b/confs/global/api-temp.conf @@ -10,14 +10,15 @@ rewrite_by_lua_block { local api = require "api" local api_whitelist_ip = {%API_WHITELIST_IP%} local api_uri = "%API_URI%" + local logger = require "logger" if api.is_api_call(api_uri, api_whitelist_ip) then ngx.header.content_type = 'text/plain' if api.do_api_call(api_uri) then - ngx.log(ngx.NOTICE, "[API] API call " .. ngx.var.request_uri .. " successfull from " .. ngx.var.remote_addr) + logger.log(ngx.NOTICE, "API", "API call " .. ngx.var.request_uri .. " successfull from " .. ngx.var.remote_addr) ngx.say("ok") else - ngx.log(ngx.WARN, "[API] API call " .. ngx.var.request_uri .. " failed from " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "API", "API call " .. ngx.var.request_uri .. " failed from " .. ngx.var.remote_addr) ngx.say("ko") end diff --git a/confs/global/api.conf b/confs/global/api.conf index e306120..90e348c 100644 --- a/confs/global/api.conf +++ b/confs/global/api.conf @@ -3,14 +3,15 @@ rewrite_by_lua_block { local api = require "api" local api_whitelist_ip = {%API_WHITELIST_IP%} local api_uri = "%API_URI%" + local logger = require "logger" if api.is_api_call(api_uri, api_whitelist_ip) then ngx.header.content_type = 'text/plain' if api.do_api_call(api_uri) then - ngx.log(ngx.NOTICE, "[API] API call " .. ngx.var.request_uri .. " successfull from " .. ngx.var.remote_addr) + logger.log(ngx.NOTICE, "API", "API call " .. ngx.var.request_uri .. " successfull from " .. ngx.var.remote_addr) ngx.say("ok") else - ngx.log(ngx.WARN, "[API] API call " .. ngx.var.request_uri .. " failed from " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "API", "API call " .. ngx.var.request_uri .. " failed from " .. ngx.var.remote_addr) ngx.say("ko") end diff --git a/confs/global/init-lua.conf b/confs/global/init-lua.conf index 9db9092..b95d844 100644 --- a/confs/global/init-lua.conf +++ b/confs/global/init-lua.conf @@ -1,6 +1,7 @@ init_by_lua_block { local dataloader = require "dataloader" +local logger = require "logger" local use_proxies = %USE_PROXIES% local use_abusers = %USE_ABUSERS% @@ -33,10 +34,10 @@ if use_crowdsec then local cs = require "crowdsec.CrowdSec" local ok, err = cs.init("/etc/nginx/crowdsec.conf") if ok == nil then - ngx.log(ngx.ERR, "[CROWDSEC] " .. err) + logger.log(ngx.ERR, "CROWDSEC", err) error() end - ngx.log(ngx.ERR, "[CROWDSEC] *NOT AN ERROR* initialisation done") + logger.log(ngx.ERR, "CROWDSEC" "*NOT AN ERROR* initialisation done") end } diff --git a/confs/site/antibot-captcha.conf b/confs/site/antibot-captcha.conf index 92713f4..85d24bf 100644 --- a/confs/site/antibot-captcha.conf +++ b/confs/site/antibot-captcha.conf @@ -6,8 +6,9 @@ location = %ANTIBOT_URI% { content_by_lua_block { local cookie = require "cookie" local captcha = require "captcha" + local logger = require "logger" if not cookie.is_set("uri") then - ngx.log(ngx.NOTICE, "[ANTIBOT] captcha fail (1) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "captcha fail (1) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end local img, res = captcha.get_challenge() @@ -21,20 +22,21 @@ location = %ANTIBOT_URI% { access_by_lua_block { local cookie = require "cookie" local captcha = require "captcha" + local logger = require "logger" if not cookie.is_set("captchares") then - ngx.log(ngx.NOTICE, "[ANTIBOT] captcha fail (2) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "captcha fail (2) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end ngx.req.read_body() local args, err = ngx.req.get_post_args(1) if err == "truncated" or not args or not args["captcha"] then - ngx.log(ngx.NOTICE, "[ANTIBOT] captcha fail (3) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "captcha fail (3) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end local captcha_user = args["captcha"] local check = captcha.check(captcha_user, cookie.get("captchares")) if not check then - ngx.log(ngx.NOTICE, "[ANTIBOT] captcha fail (4) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "captcha fail (4) for " .. ngx.var.remote_addr) return ngx.redirect("%ANTIBOT_URI%") end cookie.set({captcha = "ok"}) diff --git a/confs/site/antibot-javascript.conf b/confs/site/antibot-javascript.conf index a8037ee..2052b9d 100644 --- a/confs/site/antibot-javascript.conf +++ b/confs/site/antibot-javascript.conf @@ -6,8 +6,9 @@ location = %ANTIBOT_URI% { content_by_lua_block { local cookie = require "cookie" local javascript = require "javascript" + local logger = require "logger" if not cookie.is_set("challenge") then - ngx.log(ngx.WARN, "[ANTIBOT] javascript fail (1) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "javascript fail (1) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end local challenge = cookie.get("challenge") @@ -20,20 +21,21 @@ location = %ANTIBOT_URI% { content_by_lua_block { local cookie = require "cookie" local javascript = require "javascript" + local logger = require "logger" if not cookie.is_set("challenge") then - ngx.log(ngx.WARN, "[ANTIBOT] javascript fail (2) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "javascript fail (2) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end ngx.req.read_body() local args, err = ngx.req.get_post_args(1) if err == "truncated" or not args or not args["challenge"] then - ngx.log(ngx.WARN, "[ANTIBOT] javascript fail (3) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "javascript fail (3) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end local challenge = args["challenge"] local check = javascript.check(cookie.get("challenge"), challenge) if not check then - ngx.log(ngx.WARN, "[ANTIBOT] javascript fail (4) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "javascript fail (4) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end cookie.set({javascript = "ok"}) diff --git a/confs/site/antibot-recaptcha.conf b/confs/site/antibot-recaptcha.conf index c9cffd3..d901f36 100644 --- a/confs/site/antibot-recaptcha.conf +++ b/confs/site/antibot-recaptcha.conf @@ -6,8 +6,9 @@ location = %ANTIBOT_URI% { content_by_lua_block { local cookie = require "cookie" local recaptcha = require "recaptcha" + local loggger = require "logger" if not cookie.is_set("uri") then - ngx.log(ngx.NOTICE, "[ANTIBOT] recaptcha fail (1) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "recaptcha fail (1) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end local code = recaptcha.get_code("%ANTIBOT_URI%", "%ANTIBOT_RECAPTCHA_SITEKEY%") @@ -19,20 +20,21 @@ location = %ANTIBOT_URI% { access_by_lua_block { local cookie = require "cookie" local recaptcha = require "recaptcha" + local logger = require "logger" if not cookie.is_set("uri") then - ngx.log(ngx.NOTICE, "[ANTIBOT] recaptcha fail (2) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "recaptcha fail (2) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end ngx.req.read_body() local args, err = ngx.req.get_post_args(1) if err == "truncated" or not args or not args["token"] then - ngx.log(ngx.NOTICE, "[ANTIBOT] recaptcha fail (3) for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "recaptcha fail (3) for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) end local token = args["token"] local check = recaptcha.check(token, "%ANTIBOT_RECAPTCHA_SECRET%") if check < %ANTIBOT_RECAPTCHA_SCORE% then - ngx.log(ngx.NOTICE, "[ANTIBOT] recaptcha fail (4) for " .. ngx.var.remote_addr .. " (score = " .. tostring(check) .. ")") + logger.log(ngx.WARN, "ANTIBOT", "recaptcha fail (4) for " .. ngx.var.remote_addr .. " (score = " .. tostring(check) .. ")") return ngx.exit(ngx.HTTP_FORBIDDEN) end cookie.set({recaptcha = "ok"}) diff --git a/confs/site/main-lua.conf b/confs/site/main-lua.conf index 3fe5f0a..7d0607c 100644 --- a/confs/site/main-lua.conf +++ b/confs/site/main-lua.conf @@ -48,15 +48,16 @@ local dnsbl_list = {%DNSBL_LIST%} local use_bad_behavior = %USE_BAD_BEHAVIOR% -- include LUA code -local whitelist = require "whitelist" -local blacklist = require "blacklist" -local dnsbl = require "dnsbl" -local cookie = require "cookie" -local javascript = require "javascript" -local captcha = require "captcha" -local recaptcha = require "recaptcha" -local iputils = require "resty.iputils" -local behavior = require "behavior" +local whitelist = require "whitelist" +local blacklist = require "blacklist" +local dnsbl = require "dnsbl" +local cookie = require "cookie" +local javascript = require "javascript" +local captcha = require "captcha" +local recaptcha = require "recaptcha" +local iputils = require "resty.iputils" +local behavior = require "behavior" +local logger = require "logger" -- user variables local antibot_uri = "%ANTIBOT_URI%" @@ -101,13 +102,14 @@ end -- check if URI is whitelisted for k, v in pairs(whitelist_uri) do if ngx.var.request_uri == v then - ngx.log(ngx.NOTICE, "[WHITELIST] URI " .. v .. " is whitelisted") + logger.log(ngx.NOTICE, "WHITELIST", "URI " .. v .. " is whitelisted") ngx.exit(ngx.OK) end end -- check if it's certbot if use_lets_encrypt and string.match(ngx.var.request_uri, "^/.well-known/acme-challenge/") then + logger.log(ngx.INFO, "LETSENCRYPT", "got a visit from Let's Encrypt") ngx.exit(ngx.OK) end @@ -127,7 +129,7 @@ end -- check if IP is banned because of "bad behavior" if use_bad_behavior and behavior.is_banned() then - ngx.log(ngx.NOTICE, "[BLOCK] IP " .. ngx.var.remote_addr .. " is banned because of bad behavior") + logger.log(ngx.WARN, "BEHAVIOR", "IP " .. ngx.var.remote_addr .. " is banned because of bad behavior") ngx.exit(ngx.HTTP_FORBIDDEN) end @@ -135,7 +137,7 @@ end if use_proxies then local value, flags = ngx.shared.proxies_data:get(iputils.ip2bin(ngx.var.remote_addr)) if value ~= nil then - ngx.log(ngx.NOTICE, "[BLOCK] IP " .. ngx.var.remote_addr .. " is in proxies list") + logger.log(ngx.WARN, "PROXIES", "IP " .. ngx.var.remote_addr .. " is in proxies list") ngx.exit(ngx.HTTP_FORBIDDEN) end end @@ -144,7 +146,7 @@ end if use_abusers then local value, flags = ngx.shared.abusers_data:get(iputils.ip2bin(ngx.var.remote_addr)) if value ~= nil then - ngx.log(ngx.NOTICE, "[BLOCK] IP " .. ngx.var.remote_addr .. " is in abusers list") + logger.log(ngx.WARN, "ABUSERS", "IP " .. ngx.var.remote_addr .. " is in abusers list") ngx.exit(ngx.HTTP_FORBIDDEN) end end @@ -153,7 +155,7 @@ end if use_tor_exit_nodes then local value, flags = ngx.shared.tor_exit_nodes_data:get(iputils.ip2bin(ngx.var.remote_addr)) if value ~= nil then - ngx.log(ngx.NOTICE, "[BLOCK] IP " .. ngx.var.remote_addr .. " is in TOR exit nodes list") + logger.log(ngx.WARN, "TOR", "IP " .. ngx.var.remote_addr .. " is in TOR exit nodes list") ngx.exit(ngx.HTTP_FORBIDDEN) end end @@ -163,7 +165,7 @@ if use_user_agents and ngx.var.http_user_agent ~= nil then local whitelisted = false for k, v in pairs(whitelist_user_agent) do if string.match(ngx.var.http_user_agent, v) then - ngx.log(ngx.NOTICE, "[ALLOW] User-Agent " .. ngx.var.http_user_agent .. " is whitelisted") + logger.log(ngx.NOTICE, "WHITELIST", "User-Agent " .. ngx.var.http_user_agent .. " is whitelisted") whitelisted = true break end @@ -185,7 +187,7 @@ if use_user_agents and ngx.var.http_user_agent ~= nil then end end if value == "ko" then - ngx.log(ngx.NOTICE, "[BLOCK] User-Agent " .. ngx.var.http_user_agent .. " is blacklisted") + logger.log(ngx.WARN, "USER-AGENT", "User-Agent " .. ngx.var.http_user_agent .. " is blacklisted") ngx.exit(ngx.HTTP_FORBIDDEN) end end @@ -209,14 +211,14 @@ if use_referrer and ngx.var.http_referer ~= nil then end end if value == "ko" then - ngx.log(ngx.NOTICE, "[BLOCK] Referrer " .. ngx.var.http_referer .. " is blacklisted") + logger.log(ngx.WARN, "REFERRER", "Referrer " .. ngx.var.http_referer .. " is blacklisted") ngx.exit(ngx.HTTP_FORBIDDEN) end end -- check if country is allowed if use_country and ngx.var.allowed_country == "no" then - ngx.log(ngx.NOTICE, "[BLOCK] Country of " .. ngx.var.remote_addr .. " is blacklisted") + logger.log(ngx.WARN, "COUNTRY", "Country of " .. ngx.var.remote_addr .. " is blacklisted") ngx.exit(ngx.HTTP_FORBIDDEN) end @@ -231,10 +233,10 @@ end if use_crowdsec then local ok, err = require "crowdsec.CrowdSec".allowIp(ngx.var.remote_addr) if ok == nil then - ngx.log(ngx.ERR, "[Crowdsec] " .. err) + logger.log(ngx.ERR, "CROWDSEC", err) end if not ok then - ngx.log(ngx.NOTICE, "[Crowdsec] denied '" .. ngx.var.remote_addr .. "'") + logger.log(ngx.WARN, "CROWDSEC", "denied " .. ngx.var.remote_addr) ngx.exit(ngx.HTTP_FORBIDDEN) end end @@ -246,7 +248,7 @@ if use_antibot_cookie then cookie.set({uri = ngx.var.request_uri}) return ngx.redirect(antibot_uri) end - ngx.log(ngx.NOTICE, "[ANTIBOT] cookie fail for " .. ngx.var.remote_addr) + logger.log(ngx.WARN, "ANTIBOT", "cookie fail for " .. ngx.var.remote_addr) return ngx.exit(ngx.HTTP_FORBIDDEN) else if ngx.var.request_uri == antibot_uri then diff --git a/lua/behavior.lua b/lua/behavior.lua index 215308b..33828e4 100644 --- a/lua/behavior.lua +++ b/lua/behavior.lua @@ -1,4 +1,5 @@ -local M = {} +local M = {} +local logger = require "logger" function M.is_banned () return ngx.shared.behavior_ban:get(ngx.var.remote_addr) == true @@ -14,14 +15,14 @@ function M.count (status_codes, threshold, count_time, ban_time) count = count + 1 local ok, err = ngx.shared.behavior_count:set(ngx.var.remote_addr, count, count_time) if not ok then - ngx.log(ngx.ERR, "[BEHAVIOR] not enough memory allocated to behavior_ip_count") + logger.log(ngx.ERR, "BEHAVIOR", "not enough memory allocated to behavior_ip_count") return end if count >= threshold then - ngx.log(ngx.NOTICE, "[BEHAVIOR] threshold reached for " .. ngx.var.remote_addr .. " (" .. count .. " / " .. threshold .. ") : IP is banned for " .. ban_time .. " seconds") + logger.log(ngx.WARN, "BEHAVIOR", "threshold reached for " .. ngx.var.remote_addr .. " (" .. count .. " / " .. threshold .. ") : IP is banned for " .. ban_time .. " seconds") local ok, err = ngx.shared.behavior_ban:safe_set(ngx.var.remote_addr, true, ban_time) if not ok then - ngx.log(ngx.ERR, "[BEHAVIOR] not enough memory allocated to behavior_ip_ban") + logger.log(ngx.ERR, "BEHAVIOR", "not enough memory allocated to behavior_ip_ban") return end end diff --git a/lua/blacklist.lua b/lua/blacklist.lua index 6ee954d..10dd5a8 100644 --- a/lua/blacklist.lua +++ b/lua/blacklist.lua @@ -1,6 +1,7 @@ local M = {} local dns = require "dns" local iputils = require "resty.iputils" +local logger = require "logger" function M.ip_cached_ko () return ngx.shared.blacklist_ip_cache:get(ngx.var.remote_addr) == "ko" @@ -23,7 +24,7 @@ function M.check_ip (ip_list) local blacklist = iputils.parse_cidrs(ip_list) if iputils.ip_in_cidrs(ngx.var.remote_addr, blacklist) then ngx.shared.blacklist_ip_cache:set(ngx.var.remote_addr, "ko", 86400) - ngx.log(ngx.NOTICE, "ip " .. ngx.var.remote_addr .. " is in blacklist") + logger.log(ngx.WARN, "BLACKLIST", "ip " .. ngx.var.remote_addr .. " is in blacklist") return true end end @@ -38,7 +39,7 @@ function M.check_reverse (reverse_list, resolvers) for k, v in ipairs(reverse_list) do if rdns:sub(-#v) == v then ngx.shared.blacklist_reverse_cache:set(ngx.var.remote_addr, "ko", 86400) - ngx.log(ngx.NOTICE, "reverse " .. rdns .. " is in blacklist") + logger.log(ngx.WARN, "BLACKLIST", "reverse " .. rdns .. " is in blacklist") return true end end diff --git a/lua/dataloader.lua b/lua/dataloader.lua index 1c7a50d..57d38b7 100644 --- a/lua/dataloader.lua +++ b/lua/dataloader.lua @@ -1,5 +1,6 @@ local M = {} local iputils = require "resty.iputils" +local logger = require "logger" function M.flush_dict (dict) local keys = dict:get_keys(0) @@ -12,7 +13,7 @@ function M.load_ip (path, dict) M.flush_dict(dict) local file = io.open(path, "r") if not file then - ngx.log(ngx.ERR, "[INIT] can't open " .. path) + logger.log(ngx.ERR, "INIT", "can't open " .. path) else io.input(file) local i = 0 @@ -24,7 +25,7 @@ function M.load_ip (path, dict) while bin_ip <= upper do local ok, err = dict:safe_set(bin_ip, true, 0) if not ok then - ngx.log(ngx.ERR, "[INIT] not enough memory allocated to load data from " .. path) + logger.log(ngx.ERR, "INIT", "not enough memory allocated to load data from " .. path) continue = false break end @@ -40,7 +41,7 @@ function M.load_ip (path, dict) break end end - ngx.log(ngx.ERR, "[INIT] *NOT AN ERROR* loaded " .. tostring(i) .. " IPs from " .. path) + logger.log(ngx.ERR, "INIT", "*NOT AN ERROR* loaded " .. tostring(i) .. " IPs from " .. path) io.close(file) end end @@ -49,19 +50,19 @@ function M.load_raw (path, dict) M.flush_dict(dict) local file = io.open(path, "r") if not file then - ngx.log(ngx.ERR, "[INIT] can't open " .. path) + logger.log(ngx.ERR, "INIT", "can't open " .. path) else io.input(file) local i = 0 for line in io.lines() do local ok, err = dict:safe_set(line, true, 0) if not ok then - ngx.log(ngx.ERR, "[INIT] not enough memory allocated to load data from " .. path) + logger.log(ngx.ERR, "INIT", "not enough memory allocated to load data from " .. path) break end i = i + 1 end - ngx.log(ngx.ERR, "[INIT] *NOT AN ERROR* loaded " .. tostring(i) .. " entries from " .. path) + logger.log(ngx.ERR, "INIT", "*NOT AN ERROR* loaded " .. tostring(i) .. " entries from " .. path) io.close(file) end end diff --git a/lua/dnsbl.lua b/lua/dnsbl.lua index a41626e..a39ee31 100644 --- a/lua/dnsbl.lua +++ b/lua/dnsbl.lua @@ -1,5 +1,6 @@ local M = {} local dns = require "dns" +local logger = require "logger" function M.cached_ko () return ngx.shared.dnsbl_cache:get(ngx.var.remote_addr) == "ko" @@ -18,7 +19,7 @@ function M.check (dnsbls, resolvers) local a,b,c,d = v2:match("([%d]+).([%d]+).([%d]+).([%d]+)") if a == "127" then ngx.shared.dnsbl_cache:set(ngx.var.remote_addr, "ko", 86400) - ngx.log(ngx.NOTICE, "ip " .. ngx.var.remote_addr .. " is in DNSBL " .. v) + logger.log(ngx.WARN, "DNSBL", "ip " .. ngx.var.remote_addr .. " is in DNSBL " .. v) return true end end diff --git a/lua/logger.lua b/lua/logger.lua new file mode 100644 index 0000000..2220829 --- /dev/null +++ b/lua/logger.lua @@ -0,0 +1,8 @@ +local M = {} +local errlog = require "ngx.errlog" + +function M.log (level, prefix, msg) + errlog.raw_log(level, "[" .. prefix .. "] " .. msg) +end + +return M diff --git a/lua/whitelist.lua b/lua/whitelist.lua index 78e9961..de5d8aa 100644 --- a/lua/whitelist.lua +++ b/lua/whitelist.lua @@ -1,6 +1,7 @@ -local M = {} -local dns = require "dns" -local iputils = require "resty.iputils" +local M = {} +local dns = require "dns" +local iputils = require "resty.iputils" +local logger = require "logger" function M.ip_cached_ok () return ngx.shared.whitelist_ip_cache:get(ngx.var.remote_addr) == "ok" @@ -23,7 +24,7 @@ function M.check_ip (ip_list) local whitelist = iputils.parse_cidrs(ip_list) if iputils.ip_in_cidrs(ngx.var.remote_addr, whitelist) then ngx.shared.whitelist_ip_cache:set(ngx.var.remote_addr, "ok", 86400) - ngx.log(ngx.NOTICE, "ip " .. ngx.var.remote_addr .. " is in whitelist") + logger.log(ngx.NOTICE, "WHITELIST", "ip " .. ngx.var.remote_addr .. " is in whitelist") return true end end @@ -47,7 +48,7 @@ function M.check_reverse (reverse_list, resolvers) for k, v in ipairs(ips) do if v == ngx.var.remote_addr then ngx.shared.whitelist_reverse_cache:set(ngx.var.remote_addr, "ok", 86400) - ngx.log(ngx.NOTICE, "reverse " .. rdns .. " is in whitelist") + logger.log(ngx.NOTICE, "WHITELIST", "reverse " .. rdns .. " is in whitelist") return true end end