feature request with patch - disable rdns lookups

Posted: 25 Apr 2011, 05:19
by pbennes
I was having some issues with LFD. Some digging revealed that it was doing reverse DNS lookups via gethostbyaddr() calls as part of log parsing, which, because of some issues with my DNS, was causing LFD to hang long enough during parsing on a busy log file to miss lines and miss blocks. I hacked together a patch for csf.conf and lfd dot pl to add a setting to make rdns lookups toggle-able.

--- csf.generic.conf    2011-04-17 02:54:06.000000000 -0700
+++ csf.generic.conf.new        2011-04-24 20:57:23.000000000 -0700
@@ -1232,3 +1232,6 @@
 # instability in csf and lfd
 DEBUG = "0"
 ###############################################################################
+
+# Enables reverse DNS lookups for IP addresses
+LF_RDNS = "0"
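
Review bot: The default of "0" on the new LF_RDNS line switches off lookups that lfd currently performs unconditionally, so picking up this config changes behaviour without anyone opting in. Consider defaulting to "1" to preserve existing behaviour, and extend the comment to state the accepted values (0 = off, 1 = on) and that turning the option off also skips the @rdns matching that the lfd change guards with the same setting. The option is also appended after the closing ##### rule of the DEBUG section, so it should get its own section delimiter.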

--- lfd dot pl      2011-04-17 07:00:06.000000000 -0700
+++ lfd dot pl.new  2011-04-24 20:55:35.000000000 -0700
@@ -4630,28 +4630,30 @@
        my $iptype = &checkip($ip);

        my $host;
-       if ($iptype == 4) {
-               eval {
-                       local $SIG{__DIE__} = undef;
-                       local $SIG{'ALRM'} = sub {die};
-                       alarm(10);
-                       my $ipaddr = inet_aton($ip);
-                       $host = gethostbyaddr($ipaddr, AF_INET);
+       if ($config{LF_RDNS}) {
+               if ($iptype == 4) {
+                       eval {
+                               local $SIG{__DIE__} = undef;
+                               local $SIG{'ALRM'} = sub {die};
+                               alarm(10);
+                               my $ipaddr = inet_aton($ip);
+                               $host = gethostbyaddr($ipaddr, AF_INET);
+                               alarm(0);
+                       };
                        alarm(0);
-               };
-               alarm(0);
-       }
-       elsif ($iptype == 6) {
-               eval {
-                       local $SIG{__DIE__} = undef;
-                       local $SIG{'ALRM'} = sub {die};
-                       alarm(10);
-               eval('use Socket6;');
-                       my $ipaddr = inet_pton(AF_INET6, $ip);
-                       $host = gethostbyaddr($ipaddr, AF_INET6);
+               }
+               elsif ($iptype == 6) {
+                       eval {
+                               local $SIG{__DIE__} = undef;
+                               local $SIG{'ALRM'} = sub {die};
+                               alarm(10);
+                       eval('use Socket6;');
+                               my $ipaddr = inet_pton(AF_INET6, $ip);
+                               $host = gethostbyaddr($ipaddr, AF_INET6);
+                               alarm(0);
+                       };
                        alarm(0);
-               };
-               alarm(0);
+               }
        }

        if ($config{CC_LOOKUPS} and defined $ipcountry) {
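
Review bot: With LF_RDNS off, nothing assigns $host after `my $host;`, so every later use of $host in this sub has to tolerate undef; check those uses or set an explicit fallback in an else branch. The `alarm(10)` timeout is still hard-coded in both the IPv4 and IPv6 branches, so with lookups enabled a slow resolver can still stall parsing for up to 10 seconds per address; making it configurable would address the original hang more directly. Minor: `eval('use Socket6;');` in the IPv6 branch was not re-indented with the rest of the block.
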
@@ -4785,7 +4787,7 @@
                if ($gcidr->find($ip)) {return 1}
        }

-       if (@rdns and !$skip) {
+       if ($config{LF_RDNS} and @rdns and !$skip) {
                my $matchdomain;
                my $matchip;
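
Review bot: Adding `$config{LF_RDNS} and` to this condition means a populated @rdns list is skipped without any notice when the option is off, so entries that depend on a hostname match silently stop taking effect. Suggest logging a warning at startup when @rdns is non-empty and LF_RDNS is disabled, and noting this dependency in the option's comment in csf.conf.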

Re: feature request with patch - disable rdns lookups

Posted: 02 May 2011, 15:12
by pbennes
5.21
<snip>
Added new option LF_LOOKUPS to toggle rDNS IP address lookups
Much appreciated!

Re: feature request with patch - disable rdns lookups

Posted: 16 May 2011, 18:45
by pkiula
Is this recommended to be disabled for speed?