feature request with patch - disable rdns lookups

[pbennes]

I was having some issues with LFD. Some digging revealed that it was doing reverse DNS lookups via gethostbyaddr() calls as part of log parsing, which because of some issues with my DNS, was causing LFD to hang long enough during parsing on a busy log file to miss lines and miss blocks. I hacked together a patch for csf.conf and lfd dot pl to add a setting to make rdns lookups toggle-able.

Code: Select all

--- csf.generic.conf    2011-04-17 02:54:06.000000000 -0700
+++ csf.generic.conf.new        2011-04-24 20:57:23.000000000 -0700
@@ -1232,3 +1232,6 @@
 # instability in csf and lfd
 DEBUG = "0"
 ###############################################################################
+
+# Enables reverse DNS lookups for IP addresses
+LF_RDNS = "0"

Code: Select all

--- lfd dot pl      2011-04-17 07:00:06.000000000 -0700
+++ lfd dot pl.new  2011-04-24 20:55:35.000000000 -0700
@@ -4630,28 +4630,30 @@
        my $iptype = &checkip($ip);

        my $host;
-       if ($iptype == 4) {
-               eval {
-                       local $SIG{__DIE__} = undef;
-                       local $SIG{'ALRM'} = sub {die};
-                       alarm(10);
-                       my $ipaddr = inet_aton($ip);
-                       $host = gethostbyaddr($ipaddr, AF_INET);
+       if ($config{LF_RDNS}) {
+               if ($iptype == 4) {
+                       eval {
+                               local $SIG{__DIE__} = undef;
+                               local $SIG{'ALRM'} = sub {die};
+                               alarm(10);
+                               my $ipaddr = inet_aton($ip);
+                               $host = gethostbyaddr($ipaddr, AF_INET);
+                               alarm(0);
+                       };
                        alarm(0);
-               };
-               alarm(0);
-       }
-       elsif ($iptype == 6) {
-               eval {
-                       local $SIG{__DIE__} = undef;
-                       local $SIG{'ALRM'} = sub {die};
-                       alarm(10);
-               eval('use Socket6;');
-                       my $ipaddr = inet_pton(AF_INET6, $ip);
-                       $host = gethostbyaddr($ipaddr, AF_INET6);
+               }
+               elsif ($iptype == 6) {
+                       eval {
+                               local $SIG{__DIE__} = undef;
+                               local $SIG{'ALRM'} = sub {die};
+                               alarm(10);
+                       eval('use Socket6;');
+                               my $ipaddr = inet_pton(AF_INET6, $ip);
+                               $host = gethostbyaddr($ipaddr, AF_INET6);
+                               alarm(0);
+                       };
                        alarm(0);
-               };
-               alarm(0);
+               }
        }

        if ($config{CC_LOOKUPS} and defined $ipcountry) {
@@ -4785,7 +4787,7 @@
                if ($gcidr->find($ip)) {return 1}
        }

-       if (@rdns and !$skip) {
+       if ($config{LF_RDNS} and @rdns and !$skip) {
                my $matchdomain;
                my $matchip;

[pbennes]

5.21
<snip>
Added new option LF_LOOKUPS to toggle rDNS IP address lookups

Much appreciated!

[pkiula]

Is this recommended to be disabled for speed?