IPTables logging with domain resolution?
 

Is there a way to make IPTables resolve the domain name of the destination so that it shows in the logs?

you really wouldn't want something so critical as iptables doing this, but it'd be easy enough to write a simple script to do a reverse lookup offline as it were.

Ok, I actually knew that ... ;)

How would I go about scripting it? The fundamentals I know I'll have to get are:
- Parse the log file, grabbing the destination IP from each line (DST=xxx.xxx.xxx.xxx), which happens to be the 9th space-separated field.
- Remove the 'DST=' part from the parsed field.
- dig the IP for it's hostname
- Reinsert the hostname into the log.

What utilities should I concentrate on to make this happen?