perl: turn ip address to hostname : it works, kind of.
by ////// from LinuxQuestions.org on (#5DVF3)
hello all.
i am writing script that parses suricata alerts.
i want to turn ip addresses to hostnames.
here is the code :
Code:#!/usr/bin/perl
use warnings;
use strict;
use Socket;
use vars qw( @alerts @ipnumbers $gethostname $hostname $ip_to_host $ip );
@alerts = ( '8.8.8.8:666',
'8.8.8.8:80',
'8.8.4.4:333',
'11.11.11.11:222',
'22.22.22.22:999',
'0.0.0.0:443',
'1.1.1.1:443',
'2.2.2.2:7777'
);
foreach $ip (@alerts) {
#print "$ip\n";
if ($ip =~ /([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\:[0-9]{1,7}/) {
#print "$1\n";
push(@ipnumbers, ($1));
}
}
foreach $ip (@ipnumbers) {
gethostname($ip);
}
sub gethostname {
$ip_to_host = $_[0];
if ($ip_to_host =~ /^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/) {
#print "$ip_to_host\n";
$hostname = gethostbyaddr(inet_aton($ip_to_host), AF_INET)
or die "Can't resolve $ip_to_host $!\n";
print "$hostname\n";
} else {
print "blah\n";
}
}the problem with it is that if it fails to turn ip to hostname it exits. i suspect that that die needs to be changed to something else so that function can carry on turning ip's to hostnames. but my skill atm aren't enough.
Code:[root@arch Downloads]# perl /home/vile/Documents/lq.pl
dns.google
dns.google
dns.google
Can't resolve 11.11.11.11
[root@arch Documents]#it exits after "Can't resolve 11.11.11.11".
i would like to continue to the end of ip address list.
Code:@alerts = ( '8.8.8.8:666',
'8.8.8.8:80',
'8.8.4.4:333',
'11.11.11.11:222',
'22.22.22.22:999',
'0.0.0.0:443',
'1.1.1.1:443',
'2.2.2.2:7777'
);
i am writing script that parses suricata alerts.
i want to turn ip addresses to hostnames.
here is the code :
Code:#!/usr/bin/perl
use warnings;
use strict;
use Socket;
use vars qw( @alerts @ipnumbers $gethostname $hostname $ip_to_host $ip );
@alerts = ( '8.8.8.8:666',
'8.8.8.8:80',
'8.8.4.4:333',
'11.11.11.11:222',
'22.22.22.22:999',
'0.0.0.0:443',
'1.1.1.1:443',
'2.2.2.2:7777'
);
foreach $ip (@alerts) {
#print "$ip\n";
if ($ip =~ /([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\:[0-9]{1,7}/) {
#print "$1\n";
push(@ipnumbers, ($1));
}
}
foreach $ip (@ipnumbers) {
gethostname($ip);
}
sub gethostname {
$ip_to_host = $_[0];
if ($ip_to_host =~ /^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/) {
#print "$ip_to_host\n";
$hostname = gethostbyaddr(inet_aton($ip_to_host), AF_INET)
or die "Can't resolve $ip_to_host $!\n";
print "$hostname\n";
} else {
print "blah\n";
}
}the problem with it is that if it fails to turn ip to hostname it exits. i suspect that that die needs to be changed to something else so that function can carry on turning ip's to hostnames. but my skill atm aren't enough.
Code:[root@arch Downloads]# perl /home/vile/Documents/lq.pl
dns.google
dns.google
dns.google
Can't resolve 11.11.11.11
[root@arch Documents]#it exits after "Can't resolve 11.11.11.11".
i would like to continue to the end of ip address list.
Code:@alerts = ( '8.8.8.8:666',
'8.8.8.8:80',
'8.8.4.4:333',
'11.11.11.11:222',
'22.22.22.22:999',
'0.0.0.0:443',
'1.1.1.1:443',
'2.2.2.2:7777'
);