bind source
I want to write the logs to A File based on client's ip tell me where it is printing the ip in the source the output of log is as follows
18-Jul-2012 17:18:01.902 client 192.168.2.4#59526: query: www.google.co.in IN A + (192.168.2.4) 18-Jul-2012 17:18:01.909 client 192.168.2.4#46998: query: apis.google.com IN A + (192.168.2.4) bi void log_vwrite(log_context lc, int category, int level, const char *format, va_list args) { log_channel_list lcl; int pri, debugging, did_vsprintf = 0; int original_category; FILE *stream; log_channel chan; struct timeval tv; struct tm *local_tm; #ifdef HAVE_TIME_R struct tm tm_tmp; #endif time_t tt; const char *category_name; const char *level_str; char time_buf[256]; char level_buf[256]; REQUIRE(lc != NULL); debugging = (lc->flags & LOG_OPTION_DEBUG); /* * If not debugging, short circuit debugging messages very early. */ if (level > 0 && !debugging) return; if (category < 0 || category > lc->num_categories) category = 0; /* use default */ original_category = category; lcl = lc->categories[category]; if (lcl == NULL) { category = 0; lcl = lc->categories[0]; }oid log_vwrite(log_context lc, int category, int level, const char *format, va_list args) { log_channel_list lcl; int pri, debugging, did_vsprintf = 0; int original_category; FILE *stream; log_channel chan; struct timeval tv; struct tm *local_tm; #ifdef HAVE_TIME_R struct tm tm_tmp; #endif time_t tt; const char *category_name; const char *level_str; char time_buf[256]; char level_buf[256]; REQUIRE(lc != NULL); debugging = (lc->flags & LOG_OPTION_DEBUG); /* * If not debugging, short circuit debugging messages very early. */ if (level > 0 && !debugging) return; if (category < 0 || category > lc->num_categories) category = 0; /* use default */ original_category = category; lcl = lc->categories[category]; if (lcl == NULL) { category = 0; lcl = lc->categories[0]; } /* * Get the current time and format it. */ time_buf[0]='\0'; if (gettimeofday(&tv, NULL) < 0) { syslog(LOG_INFO, "gettimeofday failed in log_vwrite()"); } else { tt = tv.tv_sec; #ifdef HAVE_TIME_R local_tm = localtime_r(&tt, &tm_tmp); #else local_tm = localtime(&tt); #endif if (local_tm != NULL) { sprintf(time_buf, "%02d-%s-%4d %02d:%02d:%02d.%03ld ", local_tm->tm_mday, months[local_tm->tm_mon], local_tm->tm_year+1900, local_tm->tm_hour, local_tm->tm_min, local_tm->tm_sec, (long)tv.tv_usec/1000); |
> tell me where it is printing the ip in the source
Nowhere. It is easy to tell if you search for the word "query". This is just an wrapper-function that forwards the message to syslog. |
The caller of log_vwrite is log_write.. see this code in logging.c
here is logging.c http://www.linuxquestions.org/questi...ce-4175418744/ log_write(log_context lc, int category, int level, const char *format, ...) { va_list args; va_start(args, format); log_vwrite(lc, category, level, format, args); va_end(args); } one of the provided inputs to log_write has the ip address in it. (log_context lc, int category, int level, const char *format, ... I am not able to understand which one of the parameters, lc, catgory, format or args have the ip address. |
log_write is just another wrapper, as you can see...
|
can you tell me what wrapper actually means as i am new to programming?
|
synonyms: forwarder, proxy, helper, mapper, in-between, transfer, relay -- meaning: it doesn't actually do the main processing... so simply find the points where log_write is called
|
thanku
|
log_write is called just once and inside it there is log_vwrite which is taking 5 arguments
i need to find out the argument that contains the ip part |
I've just downloaded bind-9.9.1-P2, the logging in question can be found in file bin/named/client.c function ns_client_logv:
Code:
isc_log_write(ns_g_lctx, category, module, level, |
(To tell the truth, I think you real question is something very trivial, like 'how to convert IP address from binary to text, or vice versa'...)
|
hii nevem
first of all thanks for the reply my question is quite simple My network has IP addresses from 192.168.2.1...10 I have installed bind 9.7.3 on my system whose ip is 192.168.2.4. the log file is named as named_querylog.the sample contents of my log file are 03-Aug-2012 10:02:16.797 client 192.168.2.4#36264: query: lh6.googleusercontent.com IN A + (192.168.2.4) I want to see the individual client logs in separate files based on client ip address. So I want to modify the bind source for this i need to do some changes in log.c file. In this file we have a function isc_log_write(ns_g_lctx, category, module, level, "client %s%s%s%s%s%s%s%s: %s", peerbuf, sep1, signer, sep2, qname, sep3, sep4, viewname, msgbuf based on client ip i want to write to a Particular File. Can you suggest me where I Can Do these changes?? |
You could add a little part after/before it, eg:
Code:
{ |
thanks just one doubt
how does bind get the peerbuf to contain the IP address? |
I think it could be traced back to a recvfrom(2) system-call:
Code:
ssize_t recvfrom (int sockfd, void *buf, size_t len, int flags, |
Thanks can you tell me which file has this code??this code is in resolver.c???
And where he inserts that into peerbuf? |
All times are GMT -5. The time now is 03:04 AM. |