Add caching to ip_ntoh()?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Tue Mar 15 13:46:35 CET 2016


> On 15 Mar 2016, at 12:23, Boris Lytochkin <lytboris at yandex-team.ru> wrote:
> 
> Hi.
> 
> We are running FreeRADIUS with a local patch that uses the PTR record of the NAS IP address instead of the shortname in logs - this greatly helps with bulk client specifications like:
> =====================
> client mgmt_net_location_1 {
> ipv4addr = 10.0.10.0/24
> ...
> }
> =====================
> 
> And in radiusd.log we got 'Login OK ... from  <PTR>' instead of 'Login OK ... from  %{client:shortname}'.
> 
> While looking for a proper way to `upstream'ize` this patch I came across the ip_ntoh function that does resolving but does not cache results. Am I right that adding a cache to this function (driven by fr_hash) and adding a configuration knob for the client is a good way to get rid of our local patch in favor of upstream?
> Any other thoughts?

You can do what you want already with minor code changes.

There's an rlm_unbound module which exposes multiple types of DNS records, you could add an xlat there to resolve PTR records.

You can then use rlm_cache to cache the result in an rbtree (use Packet-Src-IP-Address as the key), and add it to your log messages with %{cache:<attribute name>}.

This would also allow you to forcefully clear the cache using the command socket, which may be useful if you're making changes to DNS and need to load in the new names.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
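
The caching idea discussed in this thread, as an added example that is not FreeRADIUS code and not part of either message: a small TTL cache in front of a reverse lookup, with short-lived caching of failed lookups and a flush for use after DNS changes. All names (`ptr_cache_*`, `demo_resolver`) and the address-to-name mapping are constructed for illustration, and the resolver is a stub so the block runs offline.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#define PTR_SLOTS 256                 /* direct-mapped table, indexed by 8 hash bits */

/* Resolver callback (hypothetical signature): returns 0 and fills name on success. */
typedef int (*ptr_resolver_t)(uint32_t ip, char *name, size_t len);
typedef struct { uint32_t ip; time_t expires; char name[256]; } ptr_entry_t;
typedef struct {
    ptr_entry_t    slot[PTR_SLOTS];
    ptr_resolver_t resolve;
    time_t         ttl, neg_ttl;      /* lifetimes for answers and for failures */
} ptr_cache_t;

/* Drop every entry, e.g. after the reverse zone has been changed. */
static void ptr_cache_flush(ptr_cache_t *c) { memset(c->slot, 0, sizeof(c->slot)); }

/* Name for ip (host byte order): cached while fresh, otherwise resolved once. */
static const char *ptr_cache_lookup(ptr_cache_t *c, uint32_t ip, time_t now) {
    ptr_entry_t *e = &c->slot[(ip * 2654435761u) >> 24];   /* multiplicative hash */
    if (e->ip == ip && e->expires > now) return e->name;   /* fresh hit */
    e->ip = ip;                                            /* miss, expiry or collision */
    if (c->resolve(ip, e->name, sizeof(e->name)) == 0) {
        e->expires = now + c->ttl;
    } else {                          /* cache the failure briefly, log the address */
        snprintf(e->name, sizeof(e->name), "%u.%u.%u.%u", (unsigned)(ip >> 24),
                 (unsigned)(ip >> 16) & 255, (unsigned)(ip >> 8) & 255, (unsigned)ip & 255);
        e->expires = now + c->neg_ttl;
    }
    return e->name;
}

/* Constructed stand-in for the DNS query: only 10.0.10.5 has a PTR record. */
static int demo_calls;
static int demo_resolver(uint32_t ip, char *name, size_t len) {
    demo_calls++;
    if (ip != 0x0A000A05u) return -1;
    snprintf(name, len, "nas5.mgmt.example");
    return 0;
}

int main(void) {
    static ptr_cache_t c = { .resolve = demo_resolver, .ttl = 3600, .neg_ttl = 60 };
    puts(ptr_cache_lookup(&c, 0x0A000A05u, time(NULL)));   /* resolved */
    puts(ptr_cache_lookup(&c, 0x0A000A05u, time(NULL)));   /* served from cache */
    ptr_cache_flush(&c);
    puts(ptr_cache_lookup(&c, 0x0A000A05u, time(NULL)));   /* resolved again */
    printf("resolver calls: %d\n", demo_calls);
    return 0;
}
```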
