justinrh 260 Posted September 14, 2024 Posted September 14, 2024 With ""Anonymize log" on for a server log, IP addresses are still shown in these cases: 2024-09-12 18:24:18.250 Info NetworkManager: GatewayAddresses: 192.168.2.190 2024-09-12 18:24:18.250 Info NetworkManager: UnicastAddresses: 192.168.2.184 2024-09-12 18:24:18.268 Info NetworkManager: Detected local ip addresses: [{"IPAddress":"192.168.2.184","HasGateWayAddress":true,"PrefixLength":27,"IPv4Mask":"255.255.255.224"},{"IPAddress":"127.0.0.1","HasGateWayAddress":false,"PrefixLength":8,"IPv4Mask":"255.0.0.0"},{"IPAddress":"::1","HasGateWayAddress":false,"PrefixLength":128}] 2024-09-12 18:24:19.610 Info App: Init BeginReceive on 192.168.2.184 2024-09-12 18:26:02.709 Info HttpClient: GET http://192.168.2.163/discover.json 2024-09-12 18:26:06.275 Info LiveTV: Discovered tuner device HD Homerun at http://192.168.2.163 2024-09-12 21:01:01.378 Info SharedHttpPipelineSource: Opening HDHR UDP Live stream from 192.168.2.163
ebr 16184 Posted September 15, 2024 Posted September 15, 2024 Hi. I only see a local address. Am I missing it? 1
rbjtech 5284 Posted September 15, 2024 Posted September 15, 2024 (edited) @justinrh FYI There are a bunch of IP addresses that are used on all 'local/private' networks for local communication - any public IP address is converted to this type of address when it enters the LAN. After which, they are not considered public IP addresses and thus do not need to be anonymized. These are technically known as RFC1918 addresses (3 ranges) of which 192.168.x.y is one of the said ranges. Edited September 15, 2024 by rbjtech
justinrh 260 Posted September 15, 2024 Author Posted September 15, 2024 (edited) The server's local IP address is anonymized, so why would all the other addresses not be? 2 hours ago, rbjtech said: they are not considered public IP addresses and thus do not need to be anonymized So nothing in the log needs to be anonymized, right? I'm surprised the Windows username is not. Edited September 15, 2024 by justinrh
GrimReaper 4740 Posted September 15, 2024 Posted September 15, 2024 Just now, justinrh said: The server's local IP address is anonymized Where have you observed that?
justinrh 260 Posted September 15, 2024 Author Posted September 15, 2024 (edited) E.g.: (so this is not the IP address since I use the host name, haven't test with IP address, sorry if I was not accurate above) 2024-09-15 12:58:15.937 Info Server: http/1.1 POST http://host3:8096/emby/Sessions/Capabilities/Full?X-Emby-Client=Emby Web&X-Emby-Device-Name=Firefox Windows ... Okay, this is getting confusing. If the server's LAN IP is not expected to be masked and nothing else matters, why is this anonymization all about? Is it masking host names? Even then those would be internal host names - maybe Emby doesn't care to differentiate? It's really inconsistent. In today's log, I have host1, host3, no host2, and 2x refs to host4 that I don't know what it could be. Edited September 15, 2024 by justinrh
GrimReaper 4740 Posted September 15, 2024 Posted September 15, 2024 3 minutes ago, justinrh said: In today's log, I have host1, host3, no host2, and 2x refs to host4 that I don't know what it could be. You can always download (or open the log directly in browser) not anonymized logs and check/compare those entries - hostX entries would be remote addresses - either remote IPs or domain names.
justinrh 260 Posted September 15, 2024 Author Posted September 15, 2024 Okay, now that I've studied this, it looks like Emby tries to mask just host names. Although that is not true for mb3admin.com and api.hdhomerun.com and thetvdb.com and emby.tmsimg.com and api.themoviedb.org, but it does for data.tmsapi.com. I don't know why any of those would need to be masked, but I'm sure Emby knows why. I guess I had wrong expectations and assumptions of the rules. Sorry for making a mess of this. Proceed to delete this thread now.
justinrh 260 Posted September 15, 2024 Author Posted September 15, 2024 (edited) 6 minutes ago, GrimReaper said: hostX entries would be remote addresses - either remote IPs or domain names. This is not completely true. My server's local host name is masked. And, as you see above, not all domain names are masked. Edited September 15, 2024 by justinrh
GrimReaper 4740 Posted September 15, 2024 Posted September 15, 2024 (edited) 12 minutes ago, justinrh said: And, as you see above, not all domain names are masked. YOUR domain name - anonymization is about protecting your privacy. What would be the point in hiding those, as one would generally want to see those to know what queries/calls have been made, especially for troubleshooting purposes? 12 minutes ago, justinrh said: My server's local host name is masked. Don't see the reason why it should be, maybe that's side effect of masking domain names in general, however what is important is that no remote addresses are identifiable/exposed. Edited September 15, 2024 by GrimReaper 1
justinrh 260 Posted September 15, 2024 Author Posted September 15, 2024 13 minutes ago, GrimReaper said: as one would generally want to see those to know what queries/calls have been made, especially for troubleshooting purposes? Right, that's why I was bewildered by "data.tmsapi.com". 1
justinrh 260 Posted September 16, 2024 Author Posted September 16, 2024 This is interesting. This string in the log file has non-printable characters in it:
Luke 42079 Posted September 16, 2024 Posted September 16, 2024 1 hour ago, justinrh said: This is interesting. This string in the log file has non-printable characters in it: The log anonymization inserts these characters. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now