[syslog-ng] strange thing

Balazs Scheidler bazsi@balabit.hu
Sun, 30 Apr 2000 22:39:51 +0200


> > I like
> > #2 or #3, but I don't know how to use a private nsswitch.conf file, however
> > I know that this is possible, since sendmail uses one.
> 
> I think I'll use both, #2 and #3 in parallel which should give me a maximum of
> reliablility. This solution should work fine for me because I do not need to
> mix local and remote entries within one logfile.
> 
> But what about the following idea:
> 
> Some sort of "private" hosts file for syslog-ng? Let's say
> /etc/syslog-ng/syslog-ng.hosts with an "ip\thost" format (even simpler than
> /etc/hosts), e.g.:
> 
> 127.0.0.1	localhost
> 192.168.1.1	host1
> 192.168.1.2	host2
> 192.168.1.3	host3
> 192.168.1.4	host4
> 
> It shouldn't be very hard to implement a new option which allows you to use
> this file (and only this file) as the source of name resolution. If an IP is
> found, great if not we'll resort to the ip. This makes us independent from any
> name service problems (not only outages, syslog-ng will use the correct
> hostname, even if someone spoofes your nameserver)
> 
> In my eyes, something worth thinking about. Maybe I'll have some free minutes
> tomorrow giving this a try.

I've found an internal glibc 2.1 function which would allow exactly this,
but using the system's /etc/hosts file. This would add a dependency on glibc
though, and could also mean that a future glibc would become incompatible.

This example shows how it looks like:

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
                            

int main()
{
  struct in_addr a;
  struct hostent *he;
  
  inet_aton("193.6.40.1", &a);
  __nss_configure_lookup("hosts", "files");
  he = gethostbyaddr((char *) &a, sizeof(a), AF_INET);
  if (he)
    {
      printf("hostname=%s\n", he->h_name);
    }
  else
    {
      printf("not found\n");
    }
}

The name of 193.6.40.1 is only found if it's listed in /etc/hosts.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
     url: http://www.balabit.hu/pgpkey.txt