I've just finished reading the man pages (including internal links to
some other man pages) for tcpdump, trace, netstat, and lsof.
None intend to answer my question. Reading them convinces me that I have
seen somewhere a reference to a standard system log file that does.
I'm rephrasing my original post to hopefully bring to someone's mind the
specific solution I thinking of.
Thank you for attempting to answer my inadequately composed question.
On 12/25/2021 03:14 AM, Russell Senior wrote:
The tcpdump utility would show you the ip addresses you are connecting
to. A well timed "sudo netstat -tn" or "sudo lsof -n -i TCP" might do
as well. You could also use tcpdump to spy on your DNS lookups.
Another option would be strace, which would show you full URLs along
with gigantic quantities of other things. I don't use synaptic, so I'm
not sure how you even launch it, but it's easy to wrap anything
started from a shell in an strace invocation:
strace -f -s256 -o /tmp/strace-my-command.log <mycommand>
and then search in /tmp/strace-my-command.log with grep or something
(maybe less with a / search) for gethostbyname or similar and then
poke around nearby. Or maybe look for "GET" in a string with a package
name. The strace command basically sees all system calls (i.e., to the
kernel) with their arguments from your program (and children, with the
-f option) and logs them. Without having done what you are asking
about, specifically, that's probably how I would approach the
question.
On Fri, Dec 24, 2021 at 11:50 PM Richard Owlett <[email protected]> wrote:
On 12/24/2021 02:45 PM, Russell Senior wrote:
Why do you care where your packages are coming from?
'Cause I can't report a defective site unless I know it's URL.
They should all be signed/validated somehow.
On Fri, Dec 24, 2021 at 6:16 AM Richard Owlett <[email protected]> wrote:
Thread subject:
"Documenting possible anomaly caused by load sharing issues"
I run Debian 11.1 and use Synaptic to download/install XYZ.deb .
Synaptic is set up to download nominally from strange.com .
I suspect strange.com is overloaded and redirects to quiet.com .
Is there a log file on my system that will tell the actual URL providing
XYZ.deb ?
I suspect the installer downloads an auxiliary file from somewhere.
Is that information logged somewhere?
TIA
