'[prelude-devel] [prelude-lml 0000082]: Prelude-lml needs to be able'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       prelude-devel
Subject:    [prelude-devel] [prelude-lml 0000082]: Prelude-lml needs to be able
From:       bts () prelude-ids ! org
Date:       2004-02-22 17:46:05
Message-ID: 20040222174605.A760F5C35C () mail ! prelude-ids ! org
[Download RAW message or body]


The following bug has been CLOSED
======================================================================
http://bugs.prelude-ids.org/bug_view_advanced_page.php?bug_id=0000082
======================================================================
Reporter:                   mboman
Handler:                    yoann
======================================================================
Project:                    prelude-lml
Bug ID:                     82
Category:                   
Reproducibility:            always
Severity:                   feature
Priority:                   normal
Status:                     closed
======================================================================
Date Submitted:             06-07-2003 02:07 CEST
Last Modified:              02-22-2004 18:46 CET
======================================================================
Summary:                    Prelude-lml needs to be able to resolve hosts
Description: 
Most prelude-lml doesn't fill in the target IP, which makes it hard to get
a full view on what is happening against a host. For the prelude-lml rules
to be able to fill in the target IP (and sometimes source) there should be
a way to get the filter to do gethostbyname() on the hostname in the log
message. It should also check if the host is not already a IP address in
which case it is not needed.
======================================================================

----------------------------------------------------------------------
 yoann - 06-08-2003 19:33 CEST 
----------------------------------------------------------------------
Please try the attached patch,

----------------------------------------------------------------------
 mboman - 06-08-2003 20:14 CEST 
----------------------------------------------------------------------
Patch seems to work just fine. It filled in the server's IP when I ssh'd in
as root w/o problem.

----------------------------------------------------------------------
 yoann - 06-12-2003 12:03 CEST 
----------------------------------------------------------------------
Fix checked-in to the CVS. (The patch attached to this bug is not what got
commited through).

Bug History
Date Modified  Username       Field                    Change              
======================================================================
06-07-03 02:07 mboman         New Bug                                      
06-08-03 19:32 yoann          Assigned To               => yoann           
06-08-03 19:32 yoann          Status                   new => assigned     
06-08-03 19:32 yoann          File Added: lml-target-info.diff                    
06-08-03 19:33 yoann          Bugnote Added: 0000103                       
06-08-03 20:14 mboman         Bugnote Added: 0000104                       
06-08-03 21:22 LeRoutier      Bugnote Added: 0000105                       
06-11-03 17:50 LeRoutier      Bugnote Deleted: 0000105                     
06-12-03 12:03 yoann          Bugnote Added: 0000108                       
06-12-03 12:03 yoann          Resolution               open => fixed       
06-12-03 12:03 yoann          Status                   assigned => resolved
02-22-04 18:46 yoann          Status                   resolved => closed  
======================================================================

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic