LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (http://www.linuxquestions.org/questions/programming-9/)
-   -   bind source (http://www.linuxquestions.org/questions/programming-9/bind-source-4175419310/)

Balvinder87 07-30-2012 03:22 AM

bind source
 
I want to write the logs to A File based on client's ip tell me where it is printing the ip in the source the output of log is as follows
18-Jul-2012 17:18:01.902 client 192.168.2.4#59526: query: www.google.co.in IN A + (192.168.2.4)
18-Jul-2012 17:18:01.909 client 192.168.2.4#46998: query: apis.google.com IN A + (192.168.2.4)
bi
void
log_vwrite(log_context lc, int category, int level, const char *format,
va_list args) {
log_channel_list lcl;
int pri, debugging, did_vsprintf = 0;
int original_category;
FILE *stream;
log_channel chan;
struct timeval tv;
struct tm *local_tm;
#ifdef HAVE_TIME_R
struct tm tm_tmp;
#endif
time_t tt;
const char *category_name;
const char *level_str;
char time_buf[256];
char level_buf[256];

REQUIRE(lc != NULL);

debugging = (lc->flags & LOG_OPTION_DEBUG);

/*
* If not debugging, short circuit debugging messages very early.
*/
if (level > 0 && !debugging)
return;

if (category < 0 || category > lc->num_categories)
category = 0; /* use default */
original_category = category;
lcl = lc->categories[category];
if (lcl == NULL) {
category = 0;
lcl = lc->categories[0];

}oid
log_vwrite(log_context lc, int category, int level, const char *format,
va_list args) {
log_channel_list lcl;
int pri, debugging, did_vsprintf = 0;
int original_category;
FILE *stream;
log_channel chan;
struct timeval tv;
struct tm *local_tm;
#ifdef HAVE_TIME_R
struct tm tm_tmp;
#endif
time_t tt;
const char *category_name;
const char *level_str;
char time_buf[256];
char level_buf[256];

REQUIRE(lc != NULL);

debugging = (lc->flags & LOG_OPTION_DEBUG);

/*
* If not debugging, short circuit debugging messages very early.
*/
if (level > 0 && !debugging)
return;

if (category < 0 || category > lc->num_categories)
category = 0; /* use default */
original_category = category;
lcl = lc->categories[category];
if (lcl == NULL) {
category = 0;
lcl = lc->categories[0];
}

/*
* Get the current time and format it.
*/
time_buf[0]='\0';
if (gettimeofday(&tv, NULL) < 0) {
syslog(LOG_INFO, "gettimeofday failed in log_vwrite()");
} else {
tt = tv.tv_sec;
#ifdef HAVE_TIME_R
local_tm = localtime_r(&tt, &tm_tmp);
#else
local_tm = localtime(&tt);
#endif
if (local_tm != NULL) {
sprintf(time_buf, "%02d-%s-%4d %02d:%02d:%02d.%03ld ",
local_tm->tm_mday, months[local_tm->tm_mon],
local_tm->tm_year+1900, local_tm->tm_hour,
local_tm->tm_min, local_tm->tm_sec,
(long)tv.tv_usec/1000);

NevemTeve 07-31-2012 01:23 PM

> tell me where it is printing the ip in the source

Nowhere. It is easy to tell if you search for the word "query". This is just an wrapper-function that forwards the message to syslog.

Balvinder87 07-31-2012 11:48 PM

The caller of log_vwrite is log_write.. see this code in logging.c
here is logging.c

http://www.linuxquestions.org/questi...ce-4175418744/
log_write(log_context lc, int category, int level, const char *format, ...) {
va_list args;

va_start(args, format);
log_vwrite(lc, category, level, format, args);
va_end(args);
}

one of the provided inputs to log_write has the ip address in it.

(log_context lc, int category, int level, const char *format, ...
I am not able to understand which one of the parameters, lc, catgory, format or args have the ip address.

NevemTeve 08-01-2012 12:47 AM

log_write is just another wrapper, as you can see...

Balvinder87 08-01-2012 12:55 AM

can you tell me what wrapper actually means as i am new to programming?

NevemTeve 08-01-2012 01:48 AM

synonyms: forwarder, proxy, helper, mapper, in-between, transfer, relay -- meaning: it doesn't actually do the main processing... so simply find the points where log_write is called

Balvinder87 08-01-2012 05:15 AM

thanku

Balvinder87 08-02-2012 05:59 AM

log_write is called just once and inside it there is log_vwrite which is taking 5 arguments
i need to find out the argument that contains the ip part

NevemTeve 08-02-2012 06:09 AM

I've just downloaded bind-9.9.1-P2, the logging in question can be found in file bin/named/client.c function ns_client_logv:

Code:

        isc_log_write(ns_g_lctx, category, module, level,
                      "client %s%s%s%s%s%s%s%s: %s",
                      peerbuf, sep1, signer, sep2, qname, sep3,
                      sep4, viewname, msgbuf);

does it help you? What your actual question is?

NevemTeve 08-02-2012 10:03 AM

(To tell the truth, I think you real question is something very trivial, like 'how to convert IP address from binary to text, or vice versa'...)

Balvinder87 08-03-2012 12:34 AM

hii nevem
first of all thanks for the reply my question is quite simple
My network has IP addresses from 192.168.2.1...10
I have installed bind 9.7.3 on my system whose ip is 192.168.2.4.
the log file is named as named_querylog.the sample contents of my log file are
03-Aug-2012 10:02:16.797 client 192.168.2.4#36264: query: lh6.googleusercontent.com IN A + (192.168.2.4)
I want to see the individual client logs in separate files based on client ip address.
So I want to modify the bind source
for this i need to do some changes in log.c file.
In this file we have a function
isc_log_write(ns_g_lctx, category, module, level,
"client %s%s%s%s%s%s%s%s: %s",
peerbuf, sep1, signer, sep2, qname, sep3,
sep4, viewname, msgbuf
based on client ip i want to write to a Particular File.
Can you suggest me where I Can Do these changes??

NevemTeve 08-03-2012 02:43 AM

You could add a little part after/before it, eg:

Code:

{
    char filename [512];
    FILE *f;

    sprintf (filename, "/var/log/bind-%s", peerbuff);
    f= fopen (filename, "a");
    if (f) {
        fpintf (f, "client %s%s%s%s%s%s%s%s: %s",
                peerbuf, sep1, signer, sep2, qname, sep3,
                sep4, viewname, msgbuf);
        fclose (f);
    }
}


Balvinder87 08-03-2012 04:49 AM

thanks just one doubt
how does bind get the peerbuf to contain the IP address?

NevemTeve 08-03-2012 05:00 AM

I think it could be traced back to a recvfrom(2) system-call:

Code:

ssize_t recvfrom (int sockfd, void *buf, size_t len, int flags,
                  struct sockaddr *src_addr, socklen_t *addrlen);


Balvinder87 08-03-2012 05:41 AM

Thanks can you tell me which file has this code??this code is in resolver.c???
And where he inserts that into peerbuf?


All times are GMT -5. The time now is 07:51 AM.