> -----Original Message-----
>
> Hello,
>
> I was wondering if there was a way to name hosts in pf.conf so when I did a
> pfctl -s all I could see the STATES table with hostnames instead of ip
> addresses. It would make troubleshooting a lot easier especially when the
> STATES table starts to get real big.

I had this trouble a while back and wrote a perl script (I called it
p-pfctl.pl) to do the name resolution.
Trying to do it inside pfctl itself (using config file directives) is
probably not a good idea (feature bloat).
-----------
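#!/usr/bin/perl -w
# Read pf state lines on stdin and print them with the two IPv4 addresses
# replaced by hostnames where a reverse lookup succeeds.
use strict;
use Socket;

sub get_name($);

my %host;    # cache: IP address -> hostname (or the IP itself if no name)

while(<>) {
    # $1 prefix, $2:$3 first ip:port, $4 separator, $5:$6 second ip:port, $7 rest
    if( /^(.*) (\d+\.\d+\.\d+\.\d+):(\d+) (.*) (\d+\.\d+\.\d+\.\d+):(\d+) (.*)$/ ) {
        print "$1 ",
            get_name($2),
            ":$3 $4 ",
            get_name($5),
            ":$6 $7\n";
    } else {
        # Line is not in the two-address state format
        print "She's sucking mud..\n";
    }
}

# Return the hostname for an IP address, looking each address up only once.
sub get_name($) {
    my $ip = shift;
    if( ! defined $host{$ip} ) {
        my $addr = inet_aton($ip);    # undef if $ip is not a valid address
        if( defined $addr and my $n = gethostbyaddr($addr, AF_INET) ) {
            $host{$ip} = $n;
        } else {
            $host{$ip} = $ip;         # no PTR record: keep the address
        }
    }
    return $host{$ip};
}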
-----------
Use it like:
pfctl -s state | p-pfctl.pl
ciao
dave
---
Dave Edwards
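
A stricter variant of the filter above, as an added example that is not part of Dave's message or of pf: a PTR record is set by whoever controls the reverse zone for an address, so this version shows a name only when it resolves forward to the same address and contains only hostname characters. It also goes a little further than the posted script by rewriting every dotted quad on a line and passing all other text through unchanged. The helper name `verified_name` is hypothetical, and the lines under `__DATA__` are constructed sample input used only when nothing is piped in.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Socket qw(inet_aton inet_ntoa AF_INET);

my %cache;    # IPv4 address -> text to display for it

# verified_name (hypothetical helper): return the PTR name for $ip only when
# it looks like a hostname and resolves forward to $ip again; else return $ip.
sub verified_name {
    my ($ip) = @_;
    return $cache{$ip} if exists $cache{$ip};

    my $shown  = $ip;
    my $packed = inet_aton($ip);    # undef if $ip is not a valid address
    if (defined $packed) {
        my $name = gethostbyaddr($packed, AF_INET);
        # Reject PTR data containing anything but hostname characters, so
        # control or escape sequences never reach the terminal.
        if (defined $name && $name =~ /\A[A-Za-z0-9._-]+\z/) {
            # Forward lookup: elements after the first four are addresses.
            my (undef, undef, undef, undef, @packed_addrs) = gethostbyname($name);
            my @addrs = map { inet_ntoa($_) } @packed_addrs;
            $shown = $name if grep { $_ eq $ip } @addrs;
        }
    }
    return $cache{$ip} = $shown;
}

# Read piped input when there is any; otherwise use the constructed sample.
my $in = -t STDIN ? \*DATA : \*STDIN;
while (my $line = <$in>) {
    # Rewrite each dotted quad and leave the rest of the line as it is, so
    # lines with three addresses and non-state lines are still printed.
    $line =~ s/\b(\d{1,3}(?:\.\d{1,3}){3})\b/verified_name($1)/ge;
    print $line;
}

__DATA__
all tcp 127.0.0.1:51234 -> 127.0.0.1:22       ESTABLISHED:ESTABLISHED
all tcp 10.0.0.5:40000 -> 192.0.2.1:61000 -> 198.51.100.7:443   ESTABLISHED:ESTABLISHED
all udp 192.0.2.1:53 <- 203.0.113.9:33000     SINGLE:NO_TRAFFIC
```

It is used the same way as the original, with the output of pfctl -s state piped into it; addresses whose names fail the check are printed as addresses.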