Fastresolve is a package of programs to process web log files to
get DNS information for log analysis. It sends out many queries in
parallel, and caches results, for speed. Its DNS resolver is about
10 times as fast as logresolve.pl from the Apache 1.3.9
distribution, and about 50 times as fast as logresolve.c from that
distribution. When last tested, it was 5-20 times as fast as the
adnslogres program that comes with the adns library, and about 3
times as fast as jdresolve, which is a Perl program that uses
similar algorithms (https://github.com/jdrowell/jdresolve).

Fastresolve is written in C++ and Perl. Versions of it have been tested
on GNU/Linux, FreeBSD, and Solaris.

Fastresolve consists of the following programs:

dns-terror
    Reads log files, resolves the IP addresses that are resolvable,
    and optionally writes the results back out. Optionally it reads
    and saves the results in a DB file.

reresolve
    Makes another pass trying to resolve unresolved IP addresses in
    a DB file, using dns-terror.

convert-ip-db
    Converts the DB file written by dns-terror into an ASCII Analog
    DNS cache file. This is an alternative to rewriting the (huge)
    log files with the IP addresses resolved in them. On the other
    hand, Analog then has to do lookups from its big DNS cache
    file.

make-report
    Runs the above programs and Analog to produce a web report.

rebuild-ip-db
    Recreate the DB files from the ASCII files written by the
    convert-ip-db script, for recovering from corrupted DB files.

expire-ip-db
    Removes old entries from the DB file written by dns-terror.
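
The resolve-and-cache pass described above (collect each distinct address once, query in parallel, remember failures as well as successes, then rewrite the lines), as an added example that is not Fastresolve's own code. It assumes a Python thread pool in place of ADNS and an in-memory dict in place of the Berkeley DB file; resolve_log, ptr_lookup and the sample data are hypothetical names, and the hostname check is an added safeguard because PTR data is supplied by whoever controls the reverse zone.

```python
import re
import socket
from concurrent.futures import ThreadPoolExecutor

IP_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})(?= )")   # leading IPv4 client field
HOST_RE = re.compile(r"[A-Za-z0-9._-]{1,253}")            # PTR data is remote-controlled

def ptr_lookup(ip):
    """Blocking reverse lookup; None when the address has no usable PTR record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def resolve_log(lines, cache, resolver=ptr_lookup, workers=32):
    """Replace each line's leading IP with its hostname; cache is updated in place.

    cache maps ip -> hostname, or None for an address that did not resolve, so
    a later run over overlapping logs repeats no query.
    """
    lines = list(lines)
    seen = {m.group(1) for m in map(IP_RE.match, lines) if m}
    pending = sorted(seen.difference(cache))          # one query per new address
    with ThreadPoolExecutor(max_workers=workers) as pool:
        for ip, name in zip(pending, pool.map(resolver, pending)):
            # Reject names that could inject spaces or newlines into the log.
            cache[ip] = name if name and HOST_RE.fullmatch(name) else None

    def rewrite(line):
        m = IP_RE.match(line)
        name = cache.get(m.group(1)) if m else None
        return name + line[m.end():] if name else line

    return [rewrite(line) for line in lines]

# Constructed sample data (documentation address ranges, made-up hostnames).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:00:00:01 +0000] "GET / HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:00:00:02 +0000] "GET /a HTTP/1.1" 404 0',
    '192.0.2.10 - - [01/Jan/2024:00:00:03 +0000] "GET /b HTTP/1.1" 200 90',
    '203.0.113.5 - - [01/Jan/2024:00:00:04 +0000] "GET /c HTTP/1.1" 200 17',
]
SAMPLE_PTR = {"192.0.2.10": "crawler.example.net",
              "198.51.100.7": "evil.example 127.0.0.1"}   # hostile PTR value

if __name__ == "__main__":
    for line in resolve_log(SAMPLE_LOG, {}, resolver=SAMPLE_PTR.get):
        print(line)
```

Run as a script it uses only the constructed table; passing no resolver argument performs real lookups through the system resolver.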

Fastresolve requires the following:

Perl.
    Any version 5 from the last few years should work.

A C++ compiler.
    A recent version supporting the Standard Template Library is
    required. Clang, EGCS, GCC 2.95, or other recent GCC should
    work. (GCC 2.7.x is not recent enough; its support for
    exceptions is buggy.)

The Berkeley DB library, version 2.x-5.x.
    It's probably best to get the latest (2.x, 3.x, 4.x, or 5.x) version.
    The DB library must be configured with --enable-cxx in order to
    support the C++ interface.

The Perl BerkeleyDB module.

ADNS, an asynchronous resolver library. (http://www.chiark.greenend.org.uk/~ian/adns/)
    Fastresolve comes with a patch to apply to ADNS to improve
    performance.

zlib, a compression library.
    Version 1.0.6 or newer is required.

Analog 3.0 or later.
    Needed by make-report.

Fastresolve is distributed under the GNU General Public License.

Please send bug reports, improvements, suggestions, etc. to