[Dnsmasq-discuss] Fake reverse lookups from cache

[Niels]

> On 06 Feb 2015, at 17:02, Joachim Zobel <jz-2014 at heute-morgen.de> wrote:
> 
>> ... leave the 0.01%
> dnsmasq users
>> that are interested in reporting which forward request resulted in an
> actual
>> ip being encountered alone with the task of writing their own report
> tools.
> 
> It might be easier to use it if the log entry would provide an IP, e.g.
> 
> Feb  2 16:36:55 dnsmasq[852]: cached p05-btmmdns.icloud.com is <CNAME>
> for 17.172.100.68
> 
> Not sure, if this is implemented easily.
> 
> But you are right, a log file parser is preferable. Building a tool that
> replaces all IPs by the last used names and piping the netstat-nat -n
> output would do it for my case.
> 
> So I request log files that enable looking up the last requested name as
> a feature. Shall I implement this or could you be so kind?

Sorry for catching up late, I do not see this list in my inbox normally.

If I understood what is in the pipeline, development versions of dnsmasq
already implement an option 'log-queries=extra' which provides all the
clues currently missing.

From an email from Simon that also didn't make it to the list:

> You might like to look at another change here.
> 
> http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=25cf5e373eb41c088d4ee5e625209c4cf6a5659e
> 
> which makes the logs more parseable.

For following CNAME expansion you'd have to match the query serial
number after the slash to the last reply with that same number:

> dnsmasq: 1 127.0.0.1/44925 query[A] www.thekelleys.org.uk from 127.0.0.1
> dnsmasq: 1 127.0.0.1/44925 forwarded www.thekelleys.org.uk to 127.0.1.1
> dnsmasq: 1 127.0.0.1/44925 reply www.thekelleys.org.uk is <CNAME>
> dnsmasq: 1 127.0.0.1/44925 reply thekelleys.org.uk is 213.138.109.107
> 
> dnsmasq: 2 127.0.0.1/54873 query[A] www.thekelleys.org.uk from 127.0.0.1
> dnsmasq: 2 127.0.0.1/54873 cached www.thekelleys.org.uk is <CNAME>
> dnsmasq: 2 127.0.0.1/54873 cached thekelleys.org.uk is 213.138.109.107

Regards,

Niels