Logging names & addresses
Thu, 19 Jul 2001 20:03:53 -0400
> Is there any way of getting iptables' log entries to show the
I think that a simple perl script can do the trick. You can do:
# tail the-log-file | process-dns.pl
to substitute the protocols/services and dns names.
> reverse-resolved hostname in the source & destination fields (and perhaps the
> service name in the port field ?) either instead of, or as well as, the plain
> IP address (port number) which it does as standard ?
> I appreciate that (a) there needs to be a working DNS accessible to the
> firewall for this to work, and (b) it could slow down logging if there's a
> fair amount of it going on, but is there at least a way to do it ?