The Gin server outputs lots of TLS handshake error
I know they are spambots poking my server without a valid TLS handshake, so I'd like to hide them all.
2024/06/17 08:50:31 http: TLS handshake error from 172.71.89.130:54475: EOF
2024/06/17 08:50:31 http: TLS handshake error from 172.70.117.136:27321: EOF
2024/06/17 08:50:31 http: TLS handshake error from 172.68.179.136:38115: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.131.137:16821: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.70.117.136:24033: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.179.136:60447: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.131.137:35943: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.70.117.136:56927: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.179.136:60613: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.131.137:44503: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.70.117.136:62961: EOF
2024/06/17 08:50:32 http: TLS handshake error from 172.68.179.136:13099: EOF
2024/06/17 08:50:33 http: TLS handshake error from 172.68.131.137:51455: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:46337: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:63435: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:48471: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.241.143:20131: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:18751: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.218.132:44493: EOF
2024/06/17 08:50:35 http: TLS handshake error from 172.69.241.143:28467: EOF
2024/06/17 08:50:36 http: TLS handshake error from 172.69.241.143:22753: EOF
2024/06/17 08:50:36 http: TLS handshake error from 172.69.241.143:37185: EOF
2024/06/17 08:50:36 http: TLS handshake error from 172.69.241.143:41773: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.114.136:23619: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.223.140:44507: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.114.136:48173: EOF
2024/06/17 08:50:38 http: TLS handshake error from 172.68.223.140:17731: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.114.136:27501: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.223.140:63737: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.114.136:40807: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.223.140:13027: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.114.136:59277: EOF
2024/06/17 08:50:39 http: TLS handshake error from 172.68.223.140:29263: EOF
2024/06/17 08:50:42 http: TLS handshake error from 172.70.154.135:61419: EOF
2024/06/17 08:50:42 http: TLS handshake error from 172.70.154.135:9307: EOF
2024/06/17 08:50:42 http: TLS handshake error from 172.70.154.135:45959: EOF
2024/06/17 08:50:43 http: TLS handshake error from 172.70.154.135:18881: EOF
Comment From: YamiOdymel
nvm I think I got the solution:
net/http: do not log error in http.Server for TCP probes
func main() {
h := gin.Default()
server:= &http.Server{
Addr: ":8080",
Handler: h,
ReadTimeout: 30 * time.Second,
WriteTimeout: 30 * time.Second,
MaxHeaderBytes: 1 << 20,
ErrorLog: httpLogger(),
}
server.ListenAndServeTLS("cert.pem", "key.pem")
}
func httpLogger() *log.Logger {
pr, pw := io.Pipe()
logger := log.New(pw, "http: ", log.LstdFlags|log.Lmsgprefix|log.Lmicroseconds)
scanner := bufio.NewScanner(pr)
go func() {
for scanner.Scan() {
go func(line string) {
if !strings.HasSuffix(line, ": EOF") {
fmt.Fprintln(os.Stdout, line)
}
}(scanner.Text())
}
fmt.Fprintln(os.Stdout, "log scanner stopped:", scanner.Err())
}()
return logger
}
Comment From: AlexanderYastrebov
Logger interface guarantees single write per log message so you don't need go routine and a scanner, see https://github.com/golang/go/issues/26918#issuecomment-974257205