• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 182
  • Last Modified:

reverse DNS lookup

We're using now gethostbyaddr for reverse DNS lookup to process site logs. It fails for quite a lot of them, though. Is there any other way to find out the domain names? And is there a way to find out a country of origin for a .com domain?
0
jgenyuk
Asked:
jgenyuk
  • 2
  • 2
  • 2
  • +1
1 Solution
 
gripeCommented:
Are these valid failures? Some IP addresses do not have PTR records.

You might want to look into GeoIP for determining geographical locations of IP addresses. There are several modules on www.cpan.org for this. Here's one for example:

http://search.cpan.org/~rkobes/Apache-GeoIP-1.52/Apache2/Apache/GeoIP.pm
0
 
jgenyukAuthor Commented:
Thanks for the module link, is it better than IP::Country or are tehy pretty much the same?

I'm not sure what "valid failures" are, I mean IPs that couldn't be resolved. Here's the code.

($name,$aliases,$addrtype,$length,@addrs) =
      gethostbyaddr(pack('C4',split(/\./,$ipnum)),AF_INET);
   
    # return the ip number if the name is unresolvable
    $name = $ipnum if(!defined($name));
0
 
PerlExpertCommented:
Well, they are all the same! But coded differently, an ant could walk better then others, but it still walks!

Well, I don't think so, and they don't work for server logs, as they are old, most of people have DSL internet, means, dynamic IP address's, and while he disconnected, and that slot is free, means, that IP equals nothing at all! You could sort of do that process at the same time a user joins

My first post, Hope it helped!
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
gripeCommented:
jgenyuk

I mean have you seen IPs that couldn't be resolved by your script but _could_ be resolved manually.. (using dig or nslookup or similar) It's likely that the IPs you're seeing not resolve just simply don't have any PTR records defined and hence will not resolve (rightfully so).
0
 
PerlExpertCommented:
Weird, Well, You could maybe rebuild the way it does nslookup, or maybe sniff

Can you post a packet sniff part of nslookup? So I could re-implement that into a function and hand it to you :-)
0
 
TintinCommented:
There are *so* many DNS setups on the Internet that are badly configured or just plain wrong, so not being able to resolve IP addresses is *very* common.

GeoIP is supposed to be less portable than IP::Country.  Apart from that, they appear to be pretty similar.

0
 
jgenyukAuthor Commented:
Actually I've tried some of these IPs and quite a few of them were resolved by dig (but not nslookup).
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now