Add caching to ip_ntoh()?

Boris Lytochkin lytboris at yandex-team.ru
Tue Mar 15 13:58:33 CET 2016


Hi.

Well, I want auth_name() to print the DNS name, we are used to it :)
For now, the string there is hardcoded:
===========
         snprintf(buf, buflen, "from client %.128s port %u%s%.128s%s",
                  request->client->shortname, port,
                  (do_cli ? " cli " : ""), (do_cli ? cli->vp_strvalue : ""),
                  tls);
===========

Thanks for the rlm_unbound/rlm_cache notice, will look into it.

On 15.03.2016 15:46, Arran Cudbard-Bell wrote:
>> On 15 Mar 2016, at 12:23, Boris Lytochkin <lytboris at yandex-team.ru> wrote:
>>
>> Hi.
>>
>> We are running FreeRADIUS with a local patch that uses the PTR record of the NAS IP address instead of shortname in logs - this greatly helps with bulk client specifications like:
>> =====================
>> client mgmt_net_location_1 {
>> ipv4addr = 10.0.10.0/24
>> ...
>> }
>> =====================
>>
>> And in radiusd.log  we got 'Login OK ... from  <PTR>' instead of 'Login OK ... from  %{client:shortname}'.
>>
>> While looking for a proper way to `upstream'ize` this patch I came across the ip_ntoh function, which does resolving but does not cache results. Am I right that adding a cache to this function (driven by fr_hash) and adding a configuration knob for the client is a good way to get rid of our local patch in favor of upstream?
>> Any other thoughts?
> You can do what you want already with minor code changes.
>
> There's an rlm_unbound module which exposes multiple types of DNS records, you could add an xlat there to resolve PTR records.
>
> You can then use rlm_cache to cache the result in an rbtree (use Packet-Src-IP-Address as the key), and add it to your log messages with %{cache:<attribute name>}.
>
> This would also allow you to forcefully clear the cache using the command socket, which may be useful if you're making changes to DNS and need to load in the new names.
>
> -Arran
>
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS development team
>
> FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-- 
Boris Lytochkin
Yandex NOC
+7 (495) 739 70 00 ext. 7671
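
The caching behaviour discussed in this thread (resolve a client address once, reuse the name until a TTL expires, allow a forced flush after DNS changes), as an added example that is not FreeRADIUS code and not part of either message. The `ptr_cache_*` names, the resolver callback, the 256-slot table and the sample hostname are assumptions made for illustration; the resolver is a constructed stub so the block runs offline.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#define PTR_SLOTS 256   /* direct-mapped table; the hash below yields 8 bits */
/* Hypothetical resolver callback: returns 0 and fills out on success. */
typedef int (*ptr_resolver_t)(uint32_t ip, char *out, size_t outlen);
typedef struct { uint32_t ip; time_t expires; char name[256]; } ptr_entry_t;
typedef struct {
    ptr_entry_t slot[PTR_SLOTS];   /* expires == 0 marks an empty slot */
    ptr_resolver_t resolve;
    time_t ttl;
    unsigned lookups;              /* resolver calls actually made */
} ptr_cache_t;

void ptr_cache_init(ptr_cache_t *c, ptr_resolver_t r, time_t ttl) {
    memset(c, 0, sizeof(*c));
    c->resolve = r; c->ttl = ttl;
}

void ptr_cache_clear(ptr_cache_t *c) {   /* forced flush after DNS changes */
    for (size_t i = 0; i < PTR_SLOTS; i++) c->slot[i].expires = 0;
}

const char *ptr_cache_get(ptr_cache_t *c, uint32_t ip, time_t now) {
    ptr_entry_t *e = &c->slot[(uint32_t)(ip * 2654435761u) >> 24];
    if (e->ip == ip && e->expires > now) return e->name;   /* fresh hit */
    c->lookups++;
    /* No PTR: cache the dotted quad too, so a miss is not re-resolved per request. */
    if (c->resolve(ip, e->name, sizeof(e->name)) != 0)
        snprintf(e->name, sizeof(e->name), "%u.%u.%u.%u",
                 ip >> 24, (ip >> 16) & 255, (ip >> 8) & 255, ip & 255);
    e->ip = ip;
    e->expires = now + c->ttl;
    return e->name;
}

/* Constructed stand-in for DNS: only 10.0.10.5 has a PTR record. */
static int stub_resolve(uint32_t ip, char *out, size_t outlen) {
    if (ip != 0x0A000A05u) return -1;
    return snprintf(out, outlen, "nas5.mgmt.example.net") < 0;
}

int main(void) {
    static ptr_cache_t c;
    ptr_cache_init(&c, stub_resolve, 300);
    puts(ptr_cache_get(&c, 0x0A000A05u, 1000));   /* prints the PTR name */
    return 0;
}
```

Two addresses that hash to the same slot evict each other, which costs an extra lookup but never returns the wrong name because the stored address is compared on every hit.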


