Ticket #340 (closed enhancement: fixed)

Opened 3 years ago

Last modified 3 years ago

Allow dynamic resolution of targets in reconnoiter

Reported by: jesus Assigned to: jesus
Priority: major Milestone:
Component: noitd Severity: serious
Keywords: Cc:

Description

Allow a target to be something like "www.google.com" and have noit do all the lookups necessary to make it all "just work."

This is "large work" and effects all sorts of pieces of the system.

Change History

01/08/11 17:51:22 changed by jesus

(In [1526]) refs #340

This is a rather major change. Targets can now be hostnames in addition to IP addresses so long as //checks/@resolve_targets is not false.

If a target is entered that does not look like an IP (inet_pton fails) then the check is marked as needing resolution NP_RESOLVE.

A passive look-aside dns cache has been implemented in noit_check_resolver.c that is used to power the whole system and some reasonably simply console command have been provided:

show dns_cache [fqdn1 [fqdn2]] -- shows the state dns_cache <fqdn> [fqdn2 [fqdn3]] -- submits for lookup no dns_cache <fqdn> [fqdn2 [fqdn3]] -- purges from cache

The big change is that modules that relied on check->target to be an IP address are going to explode when names are provided. Instead, modules should now use target for the provided target (possibly a FQDN) and use target_ip (check->target_ip or check.target_ip) for a resolved IP address and also check for the case of empty string: (check->target_ip[0] == '\0') for the case that resolution has failed. In lua, the target_ip will be presented as nil in the case of failed name resolution.

I believe I've updated all necessary components of the system for this to "just work" but people that have implemented their own check should update them before they elect to use non-IP addresses as targets.

The dns subsystem supports both IPv4 and IPv6, but currently prefers IPv4 addresses if any are present.

01/21/11 21:04:33 changed by jesus

  • status changed from new to closed.
  • resolution set to fixed.

It's a workin'