[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: log_rdns.patch

To: "A. Schulze" <sca@andreasschulze.de>, openldap-technical@openldap.org
Subject: Re: log_rdns.patch
From: Howard Chu <hyc@symas.com>
Date: Wed, 9 Mar 2016 08:05:47 +0000
In-reply-to: <20160309084606.Horde.OodXAnyIQ1UBYxv8NgbYcyH@andreasschulze.de>
References: <20160309084606.Horde.OodXAnyIQ1UBYxv8NgbYcyH@andreasschulze.de>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 SeaMonkey/2.42a1

A. Schulze wrote:


Hi again,

this is my third and last patch I send today :-)

I compiled openldap with '--enable-rlookups' and set 'reverse-lookup on' in
slapd.conf
I like to see the remote hostname logged. That didn't work somehow.
( I wrote this patch months ago and could not describe the real problem anymore)


Anyway: the patch modify log output:

   reverse-lookup off:
     conn=4846 fd=42 ACCEPT from IP=127.0.0.1:46058 (IP=127.0.0.1:389)

   reverse-lookup on:
     conn=4191 fd=18 ACCEPT from localhost (IP=127.0.0.1:389)

I never tested with ldapi:// connections.
Also I expect the patch is not optimal for performance. But it works here in a
small environment.

Indeed, in a busy environment the DNS resolver itself is too slow for slapd.I've got no particular comment on this patch since I never enable reverselookups. But IMO, this sort of thing is best left to a logfile postprocessor,because handling it directly in slapd will be too slow.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: log_rdns.patch
  - From: Michael Ströder <michael@stroeder.com>
- Antw: Re: log_rdns.patch
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>

References:
- log_rdns.patch
  - From: "A. Schulze" <sca@andreasschulze.de>

Prev by Date: Re: man page patches
Next by Date: Re: Patch: CIPHER_SERVER_PREFERENCE
Index(es):
- Chronological
- Thread