LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 07-30-2012, 03:22 AM   #1
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Rep: Reputation: Disabled
bind source


I want to write the logs to A File based on client's ip tell me where it is printing the ip in the source the output of log is as follows
18-Jul-2012 17:18:01.902 client 192.168.2.4#59526: query: www.google.co.in IN A + (192.168.2.4)
18-Jul-2012 17:18:01.909 client 192.168.2.4#46998: query: apis.google.com IN A + (192.168.2.4)
bi
void
log_vwrite(log_context lc, int category, int level, const char *format,
va_list args) {
log_channel_list lcl;
int pri, debugging, did_vsprintf = 0;
int original_category;
FILE *stream;
log_channel chan;
struct timeval tv;
struct tm *local_tm;
#ifdef HAVE_TIME_R
struct tm tm_tmp;
#endif
time_t tt;
const char *category_name;
const char *level_str;
char time_buf[256];
char level_buf[256];

REQUIRE(lc != NULL);

debugging = (lc->flags & LOG_OPTION_DEBUG);

/*
* If not debugging, short circuit debugging messages very early.
*/
if (level > 0 && !debugging)
return;

if (category < 0 || category > lc->num_categories)
category = 0; /* use default */
original_category = category;
lcl = lc->categories[category];
if (lcl == NULL) {
category = 0;
lcl = lc->categories[0];

}oid
log_vwrite(log_context lc, int category, int level, const char *format,
va_list args) {
log_channel_list lcl;
int pri, debugging, did_vsprintf = 0;
int original_category;
FILE *stream;
log_channel chan;
struct timeval tv;
struct tm *local_tm;
#ifdef HAVE_TIME_R
struct tm tm_tmp;
#endif
time_t tt;
const char *category_name;
const char *level_str;
char time_buf[256];
char level_buf[256];

REQUIRE(lc != NULL);

debugging = (lc->flags & LOG_OPTION_DEBUG);

/*
* If not debugging, short circuit debugging messages very early.
*/
if (level > 0 && !debugging)
return;

if (category < 0 || category > lc->num_categories)
category = 0; /* use default */
original_category = category;
lcl = lc->categories[category];
if (lcl == NULL) {
category = 0;
lcl = lc->categories[0];
}

/*
* Get the current time and format it.
*/
time_buf[0]='\0';
if (gettimeofday(&tv, NULL) < 0) {
syslog(LOG_INFO, "gettimeofday failed in log_vwrite()");
} else {
tt = tv.tv_sec;
#ifdef HAVE_TIME_R
local_tm = localtime_r(&tt, &tm_tmp);
#else
local_tm = localtime(&tt);
#endif
if (local_tm != NULL) {
sprintf(time_buf, "%02d-%s-%4d %02d:%02d:%02d.%03ld ",
local_tm->tm_mday, months[local_tm->tm_mon],
local_tm->tm_year+1900, local_tm->tm_hour,
local_tm->tm_min, local_tm->tm_sec,
(long)tv.tv_usec/1000);
 
Old 07-31-2012, 01:23 PM   #2
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
> tell me where it is printing the ip in the source

Nowhere. It is easy to tell if you search for the word "query". This is just an wrapper-function that forwards the message to syslog.
 
Old 07-31-2012, 11:48 PM   #3
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
The caller of log_vwrite is log_write.. see this code in logging.c
here is logging.c

http://www.linuxquestions.org/questi...ce-4175418744/
log_write(log_context lc, int category, int level, const char *format, ...) {
va_list args;

va_start(args, format);
log_vwrite(lc, category, level, format, args);
va_end(args);
}

one of the provided inputs to log_write has the ip address in it.

(log_context lc, int category, int level, const char *format, ...
I am not able to understand which one of the parameters, lc, catgory, format or args have the ip address.
 
Old 08-01-2012, 12:47 AM   #4
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
log_write is just another wrapper, as you can see...
 
Old 08-01-2012, 12:55 AM   #5
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
can you tell me what wrapper actually means as i am new to programming?
 
Old 08-01-2012, 01:48 AM   #6
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
synonyms: forwarder, proxy, helper, mapper, in-between, transfer, relay -- meaning: it doesn't actually do the main processing... so simply find the points where log_write is called

Last edited by NevemTeve; 08-01-2012 at 01:51 AM.
 
Old 08-01-2012, 05:15 AM   #7
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
thanku
 
Old 08-02-2012, 05:59 AM   #8
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
log_write is called just once and inside it there is log_vwrite which is taking 5 arguments
i need to find out the argument that contains the ip part
 
Old 08-02-2012, 06:09 AM   #9
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
I've just downloaded bind-9.9.1-P2, the logging in question can be found in file bin/named/client.c function ns_client_logv:

Code:
        isc_log_write(ns_g_lctx, category, module, level,
                      "client %s%s%s%s%s%s%s%s: %s",
                      peerbuf, sep1, signer, sep2, qname, sep3,
                      sep4, viewname, msgbuf);
does it help you? What your actual question is?
 
Old 08-02-2012, 10:03 AM   #10
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
(To tell the truth, I think you real question is something very trivial, like 'how to convert IP address from binary to text, or vice versa'...)
 
Old 08-03-2012, 12:34 AM   #11
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
hii nevem
first of all thanks for the reply my question is quite simple
My network has IP addresses from 192.168.2.1...10
I have installed bind 9.7.3 on my system whose ip is 192.168.2.4.
the log file is named as named_querylog.the sample contents of my log file are
03-Aug-2012 10:02:16.797 client 192.168.2.4#36264: query: lh6.googleusercontent.com IN A + (192.168.2.4)
I want to see the individual client logs in separate files based on client ip address.
So I want to modify the bind source
for this i need to do some changes in log.c file.
In this file we have a function
isc_log_write(ns_g_lctx, category, module, level,
"client %s%s%s%s%s%s%s%s: %s",
peerbuf, sep1, signer, sep2, qname, sep3,
sep4, viewname, msgbuf
based on client ip i want to write to a Particular File.
Can you suggest me where I Can Do these changes??

Last edited by Balvinder87; 08-03-2012 at 12:36 AM.
 
Old 08-03-2012, 02:43 AM   #12
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
You could add a little part after/before it, eg:

Code:
{
    char filename [512];
    FILE *f;

    sprintf (filename, "/var/log/bind-%s", peerbuff);
    f= fopen (filename, "a");
    if (f) {
        fpintf (f, "client %s%s%s%s%s%s%s%s: %s",
                peerbuf, sep1, signer, sep2, qname, sep3,
                sep4, viewname, msgbuf);
        fclose (f);
    }
}
 
Old 08-03-2012, 04:49 AM   #13
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
thanks just one doubt
how does bind get the peerbuf to contain the IP address?

Last edited by Balvinder87; 08-03-2012 at 05:02 AM.
 
Old 08-03-2012, 05:00 AM   #14
NevemTeve
Senior Member
 
Registered: Oct 2011
Location: Budapest
Distribution: Debian/GNU/Linux, AIX
Posts: 1,774

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
I think it could be traced back to a recvfrom(2) system-call:

Code:
ssize_t recvfrom (int sockfd, void *buf, size_t len, int flags,
                  struct sockaddr *src_addr, socklen_t *addrlen);
 
Old 08-03-2012, 05:41 AM   #15
Balvinder87
Member
 
Registered: Jun 2012
Location: India
Distribution: debian
Posts: 77
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
Thanks can you tell me which file has this code??this code is in resolver.c???
And where he inserts that into peerbuf?

Last edited by Balvinder87; 08-04-2012 at 08:12 AM.
 
  


Reply

Tags
bind


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
dns bind source Balvinder87 Programming 1 08-02-2012 09:59 AM
bind dns configuration from source in centos 5.5 rath_pan Linux - Server 2 11-19-2011 12:37 AM
Bind IP address with MAC address in squid 3 ( Source baced) gulnawaz Linux - Server 3 01-14-2010 01:25 AM
how to make bind-9.6.01 work after compiling from source code win281 Linux - Newbie 2 05-11-2009 04:33 PM
How To Install BIND From Source Giena Linux - Server 1 07-16-2007 08:23 PM


All times are GMT -5. The time now is 03:25 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration