[prev in list] [next in list] [prev in thread] [next in thread]
List: prelude-devel
Subject: [prelude-devel] [prelude-lml 0000082]: Prelude-lml needs to be able
From: bts () prelude-ids ! org
Date: 2004-02-22 17:46:05
Message-ID: 20040222174605.A760F5C35C () mail ! prelude-ids ! org
[Download RAW message or body]
The following bug has been CLOSED
======================================================================
http://bugs.prelude-ids.org/bug_view_advanced_page.php?bug_id=0000082
======================================================================
Reporter: mboman
Handler: yoann
======================================================================
Project: prelude-lml
Bug ID: 82
Category:
Reproducibility: always
Severity: feature
Priority: normal
Status: closed
======================================================================
Date Submitted: 06-07-2003 02:07 CEST
Last Modified: 02-22-2004 18:46 CET
======================================================================
Summary: Prelude-lml needs to be able to resolve hosts
Description:
Most prelude-lml doesn't fill in the target IP, which makes it hard to get
a full view on what is happening against a host. For the prelude-lml rules
to be able to fill in the target IP (and sometimes source) there should be
a way to get the filter to do gethostbyname() on the hostname in the log
message. It should also check if the host is not already a IP address in
which case it is not needed.
======================================================================
----------------------------------------------------------------------
yoann - 06-08-2003 19:33 CEST
----------------------------------------------------------------------
Please try the attached patch,
----------------------------------------------------------------------
mboman - 06-08-2003 20:14 CEST
----------------------------------------------------------------------
Patch seems to work just fine. It filled in the server's IP when I ssh'd in
as root w/o problem.
----------------------------------------------------------------------
yoann - 06-12-2003 12:03 CEST
----------------------------------------------------------------------
Fix checked-in to the CVS. (The patch attached to this bug is not what got
commited through).
Bug History
Date Modified Username Field Change
======================================================================
06-07-03 02:07 mboman New Bug
06-08-03 19:32 yoann Assigned To => yoann
06-08-03 19:32 yoann Status new => assigned
06-08-03 19:32 yoann File Added: lml-target-info.diff
06-08-03 19:33 yoann Bugnote Added: 0000103
06-08-03 20:14 mboman Bugnote Added: 0000104
06-08-03 21:22 LeRoutier Bugnote Added: 0000105
06-11-03 17:50 LeRoutier Bugnote Deleted: 0000105
06-12-03 12:03 yoann Bugnote Added: 0000108
06-12-03 12:03 yoann Resolution open => fixed
06-12-03 12:03 yoann Status assigned => resolved
02-22-04 18:46 yoann Status resolved => closed
======================================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic