[stunnel-users] Reverse DNS lookup in stunnel log possible?

mkanet at yahoo.com mkanet at yahoo.com
Sat Jul 27 01:08:01 CEST 2013


The benefit would be the added convenience of seeing meaningful DNS names instead of numeric IPs for those that prefer this.  The added load on stunnel would be trivial for reverse DNS lookups on separate process threads.


-----------------
What would be the benefit? It would slow stunnel down. 
On Jul 26, 2013 5:47 PM, "mkanet at yahoo.com" <mkanet at yahoo.com> wrote:
Thanks,
I guess I could do the equivalent with a batch file; but, was really hoping for built-in support for this in stunnel.  It would be nice to see in the upcoming 5.00 release as an option.
 
-----------------
 
Don't know on Windows, but did a little test with a script to get the hostnames.
First did a test using your records, and then used my current stunnel.log
 
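script stlog.chk
==================
# collect the unique IPv4 addresses that appear in the log
grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' /var/log/stunnel.log | sort | uniq >stout

echo "" >stout2
# append "address  name" for each one; host prints the name as its 5th field
for a in `cat stout` ; do
    echo -n "$a" " " >>stout2
    host "$a" | awk '{print $5}' >>stout2
done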
 
 
The results of stout2 are
127.0.0.1  localhost.
173.194.74.108  qe-in-f108.1e100.net.
173.194.74.109  qe-in-f109.1e100.net.
192.168.128.201  3(NXDOMAIN)
74.125.25.108  pa-in-f108.1e100.net.
74.125.25.109  pa-in-f109.1e100.net.
 
Probably would want to add some code to filter out private addresses.
 
 
Final step would be to scan original log and add the name on each of the lines with an IP.
+----------------------------------------------------------+
  Michael D. Setzer II -  Computer Science Instructor
  Guam Community College  Computer Center
  mailto:mikes at kuentos.guam.net
  mailto:msetzerii at gmail.com
  http://www.guam.net/home/mikes
  Guam - Where America's Day Begins
  G4L Disk Imaging Project maintainer
  http://sourceforge.net/projects/g4l/
+----------------------------------------------------------+

http://setiathome.berkeley.edu (Original)
Number of Seti Units Returned:  19,471
Processing time:  32 years, 290 days, 12 hours, 58 minutes
(Total Hours: 287,489)

BOINC at HOME CREDITS
SETI       15540600.945971   |   EINSTEIN   12495097.479852
ROSETTA     8051875.704643   |   ABC        16197684.012277
 
----- Forwarded Message -----
From: "mkanet at yahoo.com" <mkanet at yahoo.com>
To: "stunnel-users at stunnel.org" <stunnel-users at stunnel.org>
Sent: Friday, July 26, 2013 11:16 AM
Subject: Fw: Reverse DNS lookup in stunnel log possible?
 
I haven't posted on this mail list in a while.  Is there anyone still out there?  I hope I'm sending to the correct mail-list.  Is there a better place I can ask my question below?

I'm pretty sure I can't be the first person who wanted to see reverse DNS name lookup in the stunnel log.  I tried looking in the settings and documentation; but, didn't see anything related to this.
 
----- Forwarded Message -----
I currently have stunnel strip SSL from incoming https connections; which then passes the connections to a proxy before ultimately reaching my web server.  So, the only easy way to see where incoming connections are coming from is in the stunnel log.

Below is a small example of what my stunnel log looks like (no, those aren't the real IPs).
The information below would be much more useful to me if it included the DNS names in addition to their numeric IP.

I currently have the latest Windows version of stunnel installed.  It would be great to know how to get it to resolve DNS names as well in the log file; preferably without impeding general stunnel performance.  I tried several debug levels; but none of them did reverse DNS lookup.  Hopefully someone knows how to do this on a Windows stunnel setup.
 
2013.07.23 10:16:00 LOG5[10152:15136]: Service [stunnel-sslh] connected remote server from 24.12.152.129:58773
2013.07.23 10:16:00 LOG3[10152:15136]: SSL_read: Connection reset by peer (WSAECONNRESET) (10054)
2013.07.23 10:16:00 LOG5[10152:15136]: Connection reset: 272 byte(s) sent to SSL, 96 byte(s) sent to socket
2013.07.23 10:17:53 LOG5[10152:4000]: Service [stunnel-sslh] accepted connection from 71.194.51.232:5535
2013.07.23 10:17:53 LOG5[10152:4000]: connect_blocking: connected 24.12.152.129:7777
2013.07.23 10:17:53 LOG5[10152:4000]: Service [stunnel-sslh] connected remote server from 24.12.152.129:58799
2013.07.23 10:17:53 LOG5[10152:13212]: Service [stunnel-sslh] accepted connection from 71.194.51.232:5508
2013.07.23 10:17:53 LOG5[10152:3348]: Service [stunnel-sslh] accepted connection from 71.194.51.232:5509
2013.07.23 10:17:53 LOG5[10152:2884]: Service [stunnel-sslh] accepted connection from 71.194.51.232:5519
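
The "final step" described in the quoted reply (annotate each log line that contains an IP, skipping private addresses), as an added example that is not code from this thread or from stunnel. It runs outside stunnel, so lookups never slow the tunnel, caches each address, and sanitizes the returned name, since a PTR record is controlled by the owner of the address block. The names annotate, system_resolver, SAMPLE and FAKE_PTR are assumptions of this example, and the PTR answer is constructed.

```python
import ipaddress
import re
import socket

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
UNSAFE = re.compile(r"[^A-Za-z0-9._-]")  # anything that is not a hostname character

def system_resolver(ip):
    """Reverse lookup through the OS resolver; None when no PTR record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def annotate(lines, resolver=system_resolver):
    """Append ' [ip=name, ...]' to every line that mentions a resolvable public IP."""
    cache = {}

    def lookup(ip):
        if ip not in cache:
            try:
                public = ipaddress.ip_address(ip).is_global
            except ValueError:  # e.g. 999.1.1.1 matches the regex but is no address
                public = False
            name = resolver(ip) if public else None  # private/loopback: no query
            # The PTR name is chosen by whoever controls the address block, so
            # neutralise newlines, spaces and control bytes before logging it.
            cache[ip] = UNSAFE.sub("?", name)[:253] if name else None
        return cache[ip]

    out = []
    for line in lines:
        line = line.rstrip("\r\n")
        names = ((ip, lookup(ip)) for ip in dict.fromkeys(IP_RE.findall(line)))
        pairs = [f"{ip}={name}" for ip, name in names if name]
        out.append(f"{line} [{', '.join(pairs)}]" if pairs else line)
    return out

# Constructed demo: two log lines in the format shown above, with a made-up PTR
# answer that tries to smuggle a second log entry in through the hostname.
SAMPLE = [
    "2013.07.23 10:17:53 LOG5[10152:4000]: Service [stunnel-sslh] accepted connection from 71.194.51.232:5535",
    "2013.07.23 10:17:53 LOG5[10152:4000]: connect_blocking: connected 24.12.152.129:7777",
]
FAKE_PTR = {"71.194.51.232": "client.example.net\n2013.07.23 forged entry"}

if __name__ == "__main__":
    print("\n".join(annotate(SAMPLE, FAKE_PTR.get)))
```

To run it against a real log, pass the open file as `lines` and leave `resolver` at its default.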
 
 
