On Fri, 2007-06-15 at 22:08 +0100, Randal, Phil wrote:
> Bill,
>
> The problem is that Botnet uses Net::DNS::Resolver's default retry and
> timeout values, which are way too high.
>
> Spamassassin's DnsResolver.pm uses these values:
>
> udp_timeout:3
> tcp_timeout:3
> retrans:0
> retry:1
And a few others... Might as well be completely consistent. Try this
patch:
--- Botnet.pm.orig 2007-06-15 16:47:33.000000000 -0500
+++ Botnet.pm 2007-06-15 16:52:13.000000000 -0500
@@ -703,7 +703,16 @@
($type =~ /^(?:A|MX)$/) &&
(defined $max) &&
($max =~ /^-?\d+$/) ) {
- $resolver = Net::DNS::Resolver->new();
+ $resolver = Net::DNS::Resolver->new(
+ udp_timeout => 3,
+ tcp_timeout => 3,
+ retrans => 0,
+ retry => 1,
+ persistent_tcp=>0,
+ persistent_udp=>0,
+ dnsrch=>0,
+ defnames=>0,
+ );
if ($query = $resolver->search($name, $type)) {
# found matches
$i = 0;
@@ -826,7 +835,18 @@
sub get_rdns {
my ($ip) = @_;
my ($query, @answer, $rr);
- my $resolver = Net::DNS::Resolver->new();
+ my $resolver = Net::DNS::Resolver->new(
+ udp_timeout => 3,
+ tcp_timeout => 3,
+ retrans => 0,
+ retry => 1,
+ persistent_tcp=>0,
+ persistent_udp=>0,
+ dnsrch=>0,
+ defnames=>0,
+ );
+ if ($query = $resolver->search($name, $type)) {
+ # found matches
my $name = "";
if ($query = $resolver->query($ip, 'PTR', 'IN')) {
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
http://www.austinenergy.com
