lxc · tych0 · Dec 11, 2023 · Dec 11, 2023
@@ -13,7 +13,7 @@ type networkServerErrorLogWriter struct {
 }
 
 // Regex for the log we want to ignore.
-var unwantedLogRegex = regexp.MustCompile(`^http: TLS handshake error from ([^\[:]+?|\[([^\]]+?)\]):[0-9]+: .+write: connection reset by peer$`)
+var unwantedLogRegex = regexp.MustCompile(`^http: TLS handshake error from ([^\[:]+?|\[([^\]]+?)\]):[0-9]+: .+: connection reset by peer$`)
 
 func (d networkServerErrorLogWriter) Write(p []byte) (int, error) {
 	strippedLog := d.stripLog(p)

@@ -15,29 +15,54 @@ func Test_networkServerErrorLogWriter_shouldDiscard(t *testing.T) {
 		want    string
 	}{
 		{
-			name:    "ipv4 trusted proxy",
+			name:    "ipv4 trusted proxy (write)",
 			proxies: []net.IP{net.ParseIP("10.24.0.32")},
 			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from 10.24.0.32:55672: write tcp 10.24.0.22:8443->10.24.0.32:55672: write: connection reset by peer\n"),
 			want:    "",
 		},
 		{
-			name:    "ipv4 non-trusted proxy",
+			name:    "ipv4 non-trusted proxy (write)",
 			proxies: []net.IP{net.ParseIP("10.24.0.33")},
 			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from 10.24.0.32:55672: write tcp 10.24.0.22:8443->10.24.0.32:55672: write: connection reset by peer\n"),
 			want:    "http: TLS handshake error from 10.24.0.32:55672: write tcp 10.24.0.22:8443->10.24.0.32:55672: write: connection reset by peer",
 		},
 		{
-			name:    "ipv6 trusted proxy",
+			name:    "ipv6 trusted proxy (write)",
 			proxies: []net.IP{net.ParseIP("2602:fd23:8:1003:216:3eff:fefa:7670")},
 			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from [2602:fd23:8:1003:216:3eff:fefa:7670]:55672: write tcp [2602:fd23:8:101::100]:8443->[2602:fd23:8:1003:216:3eff:fefa:7670]:55672: write: connection reset by peer\n"),
 			want:    "",
 		},
 		{
-			name:    "ipv6 non-trusted proxy",
+			name:    "ipv6 non-trusted proxy (write)",
 			proxies: []net.IP{net.ParseIP("2602:fd23:8:1003:216:3eff:fefa:7671")},
 			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from [2602:fd23:8:1003:216:3eff:fefa:7670]:55672: write tcp [2602:fd23:8:101::100]:8443->[2602:fd23:8:1003:216:3eff:fefa:7670]:55672: write: connection reset by peer\n"),
 			want:    "http: TLS handshake error from [2602:fd23:8:1003:216:3eff:fefa:7670]:55672: write tcp [2602:fd23:8:101::100]:8443->[2602:fd23:8:1003:216:3eff:fefa:7670]:55672: write: connection reset by peer",
 		},
+		{
+			name:    "ipv4 trusted proxy (read)",
+			proxies: []net.IP{net.ParseIP("10.24.0.32")},
+			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from 10.24.0.32:55672: read tcp 10.24.0.22:8443->10.24.0.32:55672: read: connection reset by peer\n"),
+			want:    "",
+		},
+		{
+			name:    "ipv4 non-trusted proxy (read)",
+			proxies: []net.IP{net.ParseIP("10.24.0.33")},
+			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from 10.24.0.32:55672: read tcp 10.24.0.22:8443->10.24.0.32:55672: read: connection reset by peer\n"),
+			want:    "http: TLS handshake error from 10.24.0.32:55672: read tcp 10.24.0.22:8443->10.24.0.32:55672: read: connection reset by peer",
+		},
+		{
+			name:    "ipv6 trusted proxy (read)",
+			proxies: []net.IP{net.ParseIP("2602:fd23:8:1003:216:3eff:fefa:7670")},
+			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from [2602:fd23:8:1003:216:3eff:fefa:7670]:55672: read tcp [2602:fd23:8:101::100]:8443->[2602:fd23:8:1003:216:3eff:fefa:7670]:55672: read: connection reset by peer\n"),
+			want:    "",
+		},
+		{
+			name:    "ipv6 non-trusted proxy (read)",
+			proxies: []net.IP{net.ParseIP("2602:fd23:8:1003:216:3eff:fefa:7671")},
+			log:     []byte("Sep 17 04:58:30 abydos incus.daemon[21884]: 2021/09/17 04:58:30 http: TLS handshake error from [2602:fd23:8:1003:216:3eff:fefa:7670]:55672: read tcp [2602:fd23:8:101::100]:8443->[2602:fd23:8:1003:216:3eff:fefa:7670]:55672: read: connection reset by peer\n"),
+			want:    "http: TLS handshake error from [2602:fd23:8:1003:216:3eff:fefa:7670]:55672: read tcp [2602:fd23:8:101::100]:8443->[2602:fd23:8:1003:216:3eff:fefa:7670]:55672: read: connection reset by peer",
+		},
+
 		{
 			name:    "unrelated",
 			proxies: []net.IP{},