Submitted 6 months ago by supervent@lemmy.dbzer0.com to selfhosted@lemmy.world
I run different services on my debian server and I would like to know if there any terminal command or something to show the countries and number connections that have established contact
The less straight forward way is to put a Middleware To query the IP with some geoIP site the get the info.
nginx+ supports geoIP blocking as well, there may be a free version of this feature
I think the most straightforward way to collect these info would be to use Cloudflare as the DNS for your domains.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| HTTP | Hypertext Transfer Protocol, the Web |
| IP | Internet Protocol |
| SSH | Secure Shell for remote terminal access |
| SSL | Secure Sockets Layer, for transparent encryption |
| TLS | Transport Layer Security, supersedes SSL |
| nginx | Popular HTTP server |
[Thread #224 for this sub, first seen 19th Oct 2023, 08:15] [FAQ] [Full list] [Contact] [Source code]
vegetaaaaaaa@lemmy.world 6 months ago
For HTTP/web server logs: goaccess
For other connections (SSH etc.), setup a Graylog instance, send all your logs to it using rsyslog over TLS, setup pipelines to extract IP addresses from the messages, and setup the GeoIP plugin (graylog.org/…/how-to-set-up-graylog-geoip-configu…). It’s not a small task though. My ansible roles for goaccess and graylog.
entropicshart@sh.itjust.works 6 months ago
How I wish I had seen this about a month ago when I spent hours smarting up the nginx module and converting the maxmind DBs to v1 to make the compatible.
I do wonder how well this performs compared to the nginx module
supervent@lemmy.dbzer0.com 6 months ago
Thanks for the answers, but my specs are very low (intel atom with 2GB ram), I only wanted to know which countries are using my snowflake tor bridge.
vegetaaaaaaa@lemmy.world 6 months ago
Graylog and elasticsearch might fit on that, depending on how much is already used, and if you set the heap sizes at their bare minimum… but it will perform badly, and it’s overkill anyway if you just need this simple stat.
I would look into writing a custom log parser for goaccess (goaccess.io/man#custom-log) and let it parse your bridge logs. This is how the geolocation section looks in the HTML report (each continent can be expanded and it will reveal the stat by country).
Image
I update the report every hour via cron, as I don’t need real-time stats (but goaccess can do that). Ansible role here.