diff options
author | Joachim Zobel <jz-2014@heute-morgen.de> | 2015-02-23 21:38:11 +0000 |
---|---|---|
committer | Simon Kelley <simon@thekelleys.org.uk> | 2015-02-23 21:38:11 +0000 |
commit | 47b9ac59c715827252ae6e6732903c3dabb697fb (patch) | |
tree | ef1ed2ff444802de83f11bf10d0f9988fc88fcdb /contrib | |
parent | 0705a7e2d57654b27c7e14f35ca77241c1821f4d (diff) | |
download | dnsmasq-47b9ac59c715827252ae6e6732903c3dabb697fb.tar.gz |
Log parsing utils in contrib/reverse-dns
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/reverse-dns/README | 18 | ||||
-rw-r--r-- | contrib/reverse-dns/reverse_dns.sh | 29 | ||||
-rw-r--r-- | contrib/reverse-dns/reverse_replace.sh | 28 |
3 files changed, 75 insertions, 0 deletions
diff --git a/contrib/reverse-dns/README b/contrib/reverse-dns/README new file mode 100644 index 0000000..f87eb77 --- /dev/null +++ b/contrib/reverse-dns/README @@ -0,0 +1,18 @@ +Hi.
+
+To translate my routers netstat-nat output into names that actually talk
+to me I have started writing to simple shell scripts. They require
+
+log-queries
+log-facility=/var/log/dnsmasq.log
+
+to be set. With
+
+netstat-nat -n -4 | reverse_replace.sh
+
+I get retranslated output.
+
+Sincerely,
+Joachim
+
+
diff --git a/contrib/reverse-dns/reverse_dns.sh b/contrib/reverse-dns/reverse_dns.sh new file mode 100644 index 0000000..c0fff30 --- /dev/null +++ b/contrib/reverse-dns/reverse_dns.sh @@ -0,0 +1,29 @@ +#!/bin/bash +# $Id: reverse_dns.sh 4 2015-02-17 20:14:59Z jo $ +# +# Usage: reverse_dns.sh IP +# Uses the dnsmasq query log to lookup the name +# that was last queried to return the given IP. +# + +IP=$1 +qmIP=`echo $IP | sed 's#\.#\\.#g'` +LOG=/var/log/dnsmasq.log + +IP_regex='^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$' + +if ! [[ $IP =~ $IP_regex ]]; then + echo -n $IP + exit +fi + +NAME=`tac $LOG | \ + grep " is $IP" | head -1 | \ + sed "s#.* \([^ ]*\) is $qmIP.*#\1#" ` + +if [ -z "$NAME" ]; then + echo -n $IP +else + echo -n $NAME +fi + diff --git a/contrib/reverse-dns/reverse_replace.sh b/contrib/reverse-dns/reverse_replace.sh new file mode 100644 index 0000000..a11c164 --- /dev/null +++ b/contrib/reverse-dns/reverse_replace.sh @@ -0,0 +1,28 @@ +#!/bin/bash +# $Id: reverse_replace.sh 4 2015-02-17 20:14:59Z jo $ +# +# Usage e.g.: netstat -n -4 | reverse_replace.sh +# Parses stdin for IP4 addresses and replaces them +# with names retrieved by reverse_dns.sh +# + +DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) +DNS=$DIR/reverse_dns.sh + +# sed regex +IP_regex='[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' + +while read LINE; do + if grep --quiet $IP_regex <<< "$LINE"; then + IPs=`sed "s#.*\b\($IP_regex\)\b.*#\1 #g" <<< "$LINE"` + IPs=($IPs) + for IP in "${IPs[@]}" + do + NAME=`$DNS $IP` + # echo "$NAME is $IP"; + LINE="${LINE/$IP/$NAME}" + done + fi + echo $LINE +done < /dev/stdin + |