[stunnel-users] Reverse DNS lookup in stunnel log possible?
Pierre DELAAGE
delaage.pierre at free.fr
Sun Jul 28 08:34:33 CEST 2013
Hello,
Not particularly demanding on that matter,
but if it is slower, could that be an option in the conf file :
LogReverseDNS=yes/no ?
Anyway, even in that case, there will be an extra charge to stunnel...
Regards
Pierre
Le 27/07/2013 02:28, Brian Wilkins a écrit :
> It is slower because it would have to do a DNS lookup for every IP.
> Sure, it could be cached but its just informational.
>
> On Friday, July 26, 2013, mkanet at yahoo.com <mailto:mkanet at yahoo.com>
> wrote:
>
> The benefit would be the added convenience of seeing meaningful
> DNS names instead of numeric IPs for those that prefer this. The
> added load on stunnel would be trivial for reverse dns lookups on
> separate process threads.
>
> -----------------
> What would be the benefit? It would slow stunnel down.
> On Jul 26, 2013 5:47 PM, "mkanet at yahoo.com <javascript:_e({},
> 'cvml', 'mkanet at yahoo.com');>" <mkanet at yahoo.com
> <javascript:_e({}, 'cvml', 'mkanet at yahoo.com');>> wrote:
> Thanks, I guess I could do the equivalent with a batch file; but,
> was really hoping for buitin support for this in stunnel. It
> would be nice to see in the upcoming 5.00 release as an option.
> -----------------
> Don't know on windows, but did a little test with a script to get
> the hostnames. First did a test using you records, and then used
> my current stunnel.log
> script stlog.chk
> ==================
> grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' /var/log/stunnel.log | sort
> | uniq
> >stout
> echo "" >stout2
> for a in `cat stout` ; do
> echo -n $a " ">>stout2;
> host $a | awk '{print $5}' >>stout2;
> done
> The results of stout2 are
> 127.0.0.1 localhost.
> 173.194.74.108 qe-in-f108.1e100.net <http://qe-in-f108.1e100.net/>.
> 173.194.74.109 qe-in-f109.1e100.net <http://qe-in-f109.1e100.net/>.
> 192.168.128.201 3(NXDOMAIN)
> 74.125.25.108 pa-in-f108.1e100.net <http://pa-in-f108.1e100.net/>.
> 74.125.25.109 pa-in-f109.1e100.net <http://pa-in-f109.1e100.net/>.
> Probable would want to add some code to filter out private address.
> Final step would be to scan original log and add the name on
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org <javascript:_e({}, 'cvml',
> 'stunnel-users at stunnel.org');>
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
>
>
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130728/2dac952c/attachment.html>
More information about the stunnel-users
mailing list