Thanks, I guess I could do the equivalent with a batch file; but, was really
hoping for buitin support for this in stunnel. It would be nice to see in the
upcoming 5.00 release as an option.
-----------------
Don't know on windows, but did a little test with a
script to get the hostnames. First did a test using you records, and then used
my current stunnel.log
script stlog.chk
==================
grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}'
/var/log/stunnel.log | sort | uniq
>stout
echo "" >stout2
for a in `cat stout` ; do
echo -n $a "
">>stout2;
host $a | awk
'{print $5}' >>stout2;
done
The results of stout2 are
127.0.0.1 localhost.
173.194.74.108 qe-in-f108.1e100.net.
173.194.74.109 qe-in-f109.1e100.net.
192.168.128.201 3(NXDOMAIN)
74.125.25.108 pa-in-f108.1e100.net.
74.125.25.109 pa-in-f109.1e100.net.
Probable would want to add some code to filter out
private address.
Final step would be to scan original log and add the name
on
each of the lines with an ip.
+----------------------------------------------------------+
Michael D. Setzer
II - Computer Science Instructor
Guam Community
College Computer Center
mailto:[email protected]
mailto:[email protected]
http://www.guam.net/home/mikes
Guam - Where
America's Day Begins
G4L Disk Imaging
Project maintainer
http://sourceforge.net/projects/g4l/
+----------------------------------------------------------+
http://setiathome.berkeley.edu (Original)
Number of Seti Units Returned: 19,471
Processing time: 32 years, 290 days, 12 hours, 58 minutes
(Total Hours: 287,489)
BOINC@HOME CREDITS
SETI 15540600.945971 | EINSTEIN 12495097.479852
ROSETTA 8051875.704643 | ABC 16197684.012277
----- Forwarded Message -----
From: "[email protected]" <[email protected]>
To: "[email protected]" <[email protected]>
Sent: Friday, July 26, 2013 11:16 AM
Subject: Fw: Reverse DNS lookup in stunnel log possible?
I haven't posted on this mail list in a while. Is there anyone still out
there? I hope I'm sending to the correct mail-list. Is there a better place I
can ask my question below?
I'm pretty sure I can't be the first person who wanted to see reverse DNS name
lookup in the stunnel log. I tried looking in the settings and documentation;
but, didn't see anything related to this.
----- Forwarded Message -----
I currently have stunnel strip SSL from incoming https connections; which then
passes the connections to a proxy before ultimately reaching my web server.
So, the only easy way to see where incoming connections are coming from are in
the stunnel log.
Below, is a small example of what my stunnel log looks like (no, those arent
the real IPs ). The information below would be much more useful to me if it
included the DNS names in addition to their numeric IP.
I currently have the latest Windows version of stunnel installed. It would be
great to know how to get it to resolve DNS names as well in the log file;
preferably without impeding general stunnel performance. I tried several debug
levels; but none them did reverse DNS lookup. Hopefully someone know how to do
this on a Windows stunnel setup.
2013.07.23 10:16:00 LOG5[10152:15136]: Service [stunnel-sslh] connected remote
server from 24.12.152.129:58773
2013.07.23 10:16:00 LOG3[10152:15136]: SSL_read: Connection reset by peer
(WSAECONNRESET) (10054)
2013.07.23 10:16:00 LOG5[10152:15136]: Connection reset: 272 byte(s) sent to
SSL, 96 byte(s) sent to socket
2013.07.23 10:17:53 LOG5[10152:4000]: Service [stunnel-sslh] accepted
connection from 71.194.51.232:5535
2013.07.23 10:17:53 LOG5[10152:4000]: connect_blocking: connected
24.12.152.129:7777
2013.07.23 10:17:53 LOG5[10152:4000]: Service [stunnel-sslh] connected remote
server from 24.12.152.129:58799
2013.07.23 10:17:53 LOG5[10152:13212]: Service [stunnel-sslh] accepted
connection from 71.194.51.232:5508
2013.07.23 10:17:53 LOG5[10152:3348]: Service [stunnel-sslh] accepted
connection from 71.194.51.232:5509
2013.07.23 10:17:53 LOG5[10152:2884]: Service [stunnel-sslh] accepted
connection from 71.194.51.232:5519_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
