You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be useful for the server, especially for client session initiation errors, to have the IP address of the mosquitto client session logged with the failure message. I typically set up fail2ban to block repeated invalid connection attempts for other services and having this for mosquitto would be desirable. I've found that in most instances where events are logged, a mosquitto object is available and address is populated with the remote client's IP address. This could also be handy in determining what IP address a client session belongs to when reading the logs, etc.
An example I've done locally which uses the mosquitto reference passed into the log__printf method to prepend the address, if mosq and the address are non-null:
Aug 15 15:16:13 mqttserver mosquitto[5677]: New connection from 192.168.1.100 on port 8883.
Aug 15 15:16:15 mqttserver mosquitto[5677]: 192.168.1.100 OpenSSL Error: error:140780E5:SSL routines:ssl23_read:ssl handshake failure
Aug 15 15:16:15 mqttserver mosquitto[5677]: 192.168.1.100 Socket error on client <unknown>, disconnecting.
If this is something the maintainers think would be helpful, I'm happy to put together a PR that introduces this in the logger globally and passes along the mosquitto reference in the spots it's available but not passed yet today. I noticed that the reference to the mosquitto context is passed to this method but not utilized on the server's instance of the logging function - I believe this is for signature parity with the lib and is planned to be kept in the interface? So far locally, I'm simply prepending the affected log messages with the client IP address to avoid having to touch every log line in the application. It's worth noting that unless made into an option, this would be a breaking change for users already parsing these log messages.
The text was updated successfully, but these errors were encountered:
It would be useful for the server, especially for client session initiation errors, to have the IP address of the mosquitto client session logged with the failure message. I typically set up fail2ban to block repeated invalid connection attempts for other services and having this for mosquitto would be desirable. I've found that in most instances where events are logged, a
mosquitto
object is available andaddress
is populated with the remote client's IP address. This could also be handy in determining what IP address a client session belongs to when reading the logs, etc.An example I've done locally which uses the
mosquitto
reference passed into the log__printf method to prepend the address, if mosq and the address are non-null:If this is something the maintainers think would be helpful, I'm happy to put together a PR that introduces this in the logger globally and passes along the mosquitto reference in the spots it's available but not passed yet today. I noticed that the reference to the mosquitto context is passed to this method but not utilized on the server's instance of the logging function - I believe this is for signature parity with the lib and is planned to be kept in the interface? So far locally, I'm simply prepending the affected log messages with the client IP address to avoid having to touch every log line in the application. It's worth noting that unless made into an option, this would be a breaking change for users already parsing these log messages.
The text was updated successfully, but these errors were encountered: