Hi Cristian!
On Sat, 15 Sep 2001, Cristian Dumitrescu wrote:
>
>
> Salut !
>
> info: running snort 1.8.1 logging to mysql 3.23.36
>
> My question: Cum pot sa transform adresele ip din tabelul snort.iphdr
> ( ip_src, ip_dst) din INT UNSIGNED in text ? ( eventual din php)
> ex:
> mysql> select cid,ip_src,ip_dst from snort.iphdr;
> +-----+------------+------------+
> | cid | ip_src | ip_dst |
> +-----+------------+------------+
> | 1 | 3253200495 | 3232235795 |
> +-----+------------+------------+
> ^^^^^^^^^^ ^^^^^^^^^^
> 192.168.1.19 192.168.1.2
>
> thx in advance..
>
pai nu am inteles, vrei sa schimbi tipul coloanei, sau doar sa vezi ce
adresa ip este?
ca sa vezi adresa in `dot notation':
a) folosesti comanda `host'
teo@teo:/tmp > host 3253200495
111.230.231.193.IN-ADDR.ARPA domain name pointer ns.lumina.ro
b) daca nu are reverse, poti compila programelul urmator:
#include <arpa/inet.h>
#include <stdlib.h>
int main (int argc, char *argv[])
{
unsigned long l=0;
struct in_addr adr;
if (argc < 2) {
printf("usage: long2ip <number>\n");
return -1;
}
adr.s_addr=ntohl(l=atoll(argv[1]));
printf("%s is hex:%#X ip:%s \n", argv[1], l, inet_ntoa(adr));
return 0;
}
[perechea lui este:]
#include<netinet/in.h>
#include<arpa/inet.h>
int main (int argc, char *argv[])
{
unsigned long l=0;
struct in_addr adr;
if (argc < 2) {
printf("usage: ip2long aaa.bbb.ccc.ddd\n");
return -1;
}
inet_aton (argv[1],&adr) && (l = ntohl (adr.s_addr));
printf("%s is dec:%lu hex:%#X\n", argv[1], l, l);
return 0;
}
hint:
poti sa le compilezi pe amandoua si sa le pui sub /usr/local/bin :)
-- teodor
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
