[ The following was mailed to [EMAIL PROTECTED] on Fri, 21 Sep 2001, but I haven't received any reply from them. 2.1a11 is still the latest release of arpwatch, and tcpdump-3.6.2-9 is still current in Rawhide. ]
Hello arpwatch authors! Thanks for a nice daemon. Unfortunately lots of the machines on my local network have names like `123123.kampsax.dk' and `1-2-3-123.kampsax.dk', and so arpwatch 2.1a11 ignores the hostname completely, both in the mail reports and in the arp.dat file. I've convinced the IT department to invent better names in the future (_not_ with a leading digit). But actually such names are perfectly valid DNS names, so arpwatch _should_ handle them like any other hostname. At first I thought that I would have to invent a more complicated test to differentiate between an address like `192.168.1.1' and a shrewd domain name like `192.168.1.1.com'. However, a bit of grepping and reading of the source proved that the current arpwatch makes no use at all of the address variant of these `I am either a name or an address' objects. gethname() in dns.c produces those return values in vain: all callers choose to ignore address-like hostnames; all they want is a real hostname, not an address instead. So fixing the bug is very easy, and as a bonus makes the daemon simpler and a tiny bit faster too. The fixed daemon has run on my Linux workstation for three days now with no ill effects of the change. BTW, I used the source from the current rawhide at ftp://ftp.sunet.se/pub/Linux/distributions/redhat/redhat/linux/rawhide/SRPMS/SRPMS/tcpdump-3.6.2-9.src.rpm But the RedHat changes are minor and fortunately don't involve any of the files in my isdigit() patch. Do you expect to release a new arpwatch tarball soon? Otherwise I might want to submit my patch to the rawhide mailing list too. =========================================================================== Changelog entry: * Tue Sep 18 2001 Ulrik Dickow <[EMAIL PROTECTED]> - also accept hostnames beginning with a digit (removed isdigit() crap from get[hs]name() and callers; no callers used the digit case anyway) ===== Cut here ============================================================ --- arpwatch-2.1a11/dns.c.shipped Sat Oct 14 03:50:52 2000 +++ arpwatch-2.1a11/dns.c Tue Sep 18 22:06:59 2001 @@ -137,7 +137,7 @@ return (0); } -/* Return the cannonical name of the host */ +/* Return the canonical name of the host (NULL if not found) */ char * gethname(u_int32_t a) { @@ -150,18 +150,18 @@ hp = gethostbyaddr((char *)&a, sizeof(a), AF_INET); _res.options = options; if (hp == NULL) - return (intoa(a)); + return NULL; return (hp->h_name); } -/* Return the simple name of the host */ +/* Return the simple name of the host (NULL if not found) */ char * getsname(register u_int32_t a) { register char *s, *cp; s = gethname(a); - if (!isdigit((int)*s)) { + if (s != NULL) { cp = strchr(s, '.'); if (cp != NULL) *cp = '\0'; --- arpwatch-2.1a11/report.c.shipped Sun Oct 1 01:41:10 2000 +++ arpwatch-2.1a11/report.c Tue Sep 18 21:58:00 2001 @@ -303,7 +303,7 @@ (void)fprintf(f, "From: %s\n", watchee); (void)fprintf(f, "To: %s\n", watcher); hn = gethname(a); - if (!isdigit(*hn)) + if (hn != NULL) (void)fprintf(f, "Subject: %s (%s)\n", title, hn); else { (void)fprintf(f, "Subject: %s\n", title); --- arpwatch-2.1a11/db.c.shipped Sun Oct 1 01:39:58 2000 +++ arpwatch-2.1a11/db.c Tue Sep 18 22:13:15 2001 @@ -283,7 +283,7 @@ BCOPY(e, ep->e, 6); if (h == NULL && !initializing) h = getsname(a); - if (h != NULL && !isdigit((int)*h)) + if (h != NULL) strcpy(ep->h, h); ep->t = t; return (ep); @@ -301,7 +301,7 @@ return; ep = ap->elist[0]; h = getsname(ap->a); - if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) { + if (h != NULL && strcmp(h, ep->h) != 0) { syslog(LOG_INFO, "hostname changed %s %s %s -> %s", intoa(ap->a), e2str(ep->e), ep->h, h); strcpy(ep->h, h); ===== Cut here ============================================================ PS: % host -a 42.org 42.org NS bzz.taranis.org 42.org NS r2d2.musin.de 42.org NS ns.42.org 42.org A 194.246.250.218 (I'm in no way associated with this galactic domain; it's just an example) -- Ulrik Dickow <[EMAIL PROTECTED]> (Phone +45 36 39 07 00, Fax +45 36 77 03 01) DSA/ELG-E: 46EF 15D6 83CC 4C28 0147 33A6 F6EE DF20 184B C4D9 (ID 0x184BC4D9) Get key at: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x184BC4D9 _______________________________________________ Redhat-devel-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-devel-list
