2014-11-24 21:37:37 +01:00
|
|
|
import socket
|
|
|
|
|
2014-11-21 16:57:37 +01:00
|
|
|
from iwla import IWLA
|
2014-11-24 17:13:59 +01:00
|
|
|
from iplugin import IPlugin
|
2014-11-21 16:57:37 +01:00
|
|
|
|
2014-12-10 07:09:05 +01:00
|
|
|
#
|
|
|
|
# Post analysis hook
|
|
|
|
#
|
|
|
|
# Replace IP by reverse DNS names
|
|
|
|
#
|
|
|
|
# Plugin requirements :
|
|
|
|
# None
|
|
|
|
#
|
|
|
|
# Conf values needed :
|
|
|
|
# reverse_dns_timeout*
|
|
|
|
#
|
|
|
|
# Output files :
|
|
|
|
# None
|
|
|
|
#
|
|
|
|
# Statistics creation :
|
|
|
|
# None
|
|
|
|
#
|
|
|
|
# Statistics update :
|
|
|
|
# valid_visitors:
|
|
|
|
# remote_addr
|
|
|
|
# dns_name_replaced
|
|
|
|
# dns_analyzed
|
|
|
|
#
|
|
|
|
# Statistics deletion :
|
|
|
|
# None
|
|
|
|
#
|
|
|
|
|
2014-11-24 17:13:59 +01:00
|
|
|
class IWLAPostAnalysisReverseDNS(IPlugin):
|
2014-11-27 12:34:42 +01:00
|
|
|
DEFAULT_DNS_TIMEOUT = 0.5
|
|
|
|
|
2014-11-24 21:42:57 +01:00
|
|
|
def __init__(self, iwla):
|
|
|
|
super(IWLAPostAnalysisReverseDNS, self).__init__(iwla)
|
2014-11-24 17:13:59 +01:00
|
|
|
self.API_VERSION = 1
|
2014-11-21 16:57:37 +01:00
|
|
|
|
2014-11-24 21:37:37 +01:00
|
|
|
def load(self):
|
2014-11-27 12:34:42 +01:00
|
|
|
timeout = self.iwla.getConfValue('reverse_dns_timeout',
|
|
|
|
IWLAPostAnalysisReverseDNS.DEFAULT_DNS_TIMEOUT)
|
2014-11-24 21:37:37 +01:00
|
|
|
socket.setdefaulttimeout(timeout)
|
|
|
|
return True
|
|
|
|
|
2014-11-26 20:31:13 +01:00
|
|
|
def hook(self):
|
|
|
|
hits = self.iwla.getValidVisitors()
|
2014-11-24 17:13:59 +01:00
|
|
|
for (k, hit) in hits.items():
|
|
|
|
if hit.get('dns_analysed', False): continue
|
|
|
|
try:
|
|
|
|
name, _, _ = socket.gethostbyaddr(k)
|
2014-12-16 07:38:57 +01:00
|
|
|
hit['remote_addr'] = name.lower()
|
2014-11-26 16:17:16 +01:00
|
|
|
hit['dns_name_replaced'] = True
|
2014-11-24 17:13:59 +01:00
|
|
|
except:
|
|
|
|
pass
|
|
|
|
finally:
|
|
|
|
hit['dns_analysed'] = True
|
2014-11-21 16:57:37 +01:00
|
|
|
|