GitHub - dmacnet/fastresolve: A fast DNS resolver for web log files

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 35 Commits
debian		debian
dns-terror		dns-terror
doc		doc
scripts		scripts
.gitignore		.gitignore
AUTHORS		AUTHORS
COPYING		COPYING
ChangeLog		ChangeLog
INSTALL		INSTALL
MACOSX.txt		MACOSX.txt
Makefile.am		Makefile.am
Makefile.in		Makefile.in
NEWS		NEWS
README		README
aclocal.m4		aclocal.m4
configure		configure
configure.ac		configure.ac
depcomp		depcomp
fastresolve.spec		fastresolve.spec
install-sh		install-sh
missing		missing

Repository files navigation

   Fastresolve is a package of programs to process web log files to
   get DNS information for log analysis. It sends out many queries in
   parallel, and caches results, for speed. Its DNS resolver is about
   10 times as fast as logresolve.pl from the Apache 1.3.9
   distribution, and about 50 times as fast as logresolve.c from that
   distribution. When last tested, it is 5-20 times as fast as the
   adnslogres program that comes with the adns library, and about 3
   times as fast as jdresolve, which is a Perl program that uses
   similar algorithms (https://github.com/jdrowell/jdresolve).
   
   Fastresolve is written in C++ and Perl. Versions of it have been tested
   on GNU/Linux, FreeBSD, and Solaris.
   
   Fastresolve consists of the following programs:
   
   dns-terror
          Reads log files, resolves the IP addresses that are resolvable,
          and optionally writes the results back out. Optionally it reads
          and saves the results in a DB file.
          
   reresolve
          Makes another pass trying to resolve unresolved IP addresses in
          a DB file, using dns-terror.
          
   convert-ip-db
          Converts the DB file written by dns-terror into an ASCII Analog
          DNS cache file. This is an alternative to rewriting the (huge)
          log files with the IP addresses resolved in them. On the other
          hand, Analog then has to do lookups from its big DNS cache
          file.
          
   make-report
          Runs the above programs and Analog to produce a web report.
          
   rebuild-ip-db
          Recreate the DB files from the ASCII files written by the
          convert-ip-db script, for recovering from corrupted DB files.
          
   expire-ip-db
          Removes old entries from the DB file written by dns-terror.
          
   Fastresolve requires the following:
   
   Perl.
          Any version 5 from the last few years should work.
          
   A C++ compiler.
          A recent version supporting the Standard Template Library is
          required. Clang, EGCS, GCC 2.95, or other recent GCC should
          work. (GCC 2.7.x is not recent enough; its support for
          exceptions is buggy.)
          
   The Berkeley DB library, version 2.x-5.x.
          It's probably best to get the latest (2.x, 3.x, 4.x, or 5.x) version.
          The DB library must be configured with --enable-cxx in order to
          support the C++ interface.

   The Perl BerkeleyDB module.
          
   ADNS, an asynchronous resolver library. (http://www.chiark.greenend.org.uk/~ian/adns/)
          Fastresolve comes with a patch to apply to ADNS to improve
          performance.
          
   zlib, a compression library.
          Version 1.0.6 or newer is required.
          
   Analog 3.0 or later.
          Needed by make-report.
          
   Fastresolve is distributed under the GNU General Public License.
   
   Please send bug reports, improvements, suggestions, etc. to
   [email protected].