[Rtir] A couple of questions
Gorazd Bozic
gorazd.bozic at arnes.si
Thu Sep 9 05:10:24 EDT 2004
Natasa Glavor wrote:
> Here they are:
> * how do we adjust RTIR to make queries to different custom databases
> instead of the default whois querying?
Hi Natasa,
We solved this by setting up our own simple whois server (or you might
call it a whois wrapper). The whois protocol is really simple: connect
to the server, send a single line query (usually an IP address) and read
back the response. If it is run from inetd.conf, you read from stdin and
write results to stdout, so it doesn't need any networking stuff.
For instance, you create a simple perl script:
#!/usr/bin/perl
$request = <>; chomp($request);
if ($request =~ /... some pattern .../) {
# Based on value in query string, you can decide whether to query
# any locally available information.
}
system("whois $request");
If you name this script for instance "whois_wrapper", put the following
(or modify) in /etc/inetd.conf:
nicname stream tcp nowait root /usr/local/bin/whois_wrapper
whois_wrapper
You can of course extend the perl script to perform all kinds of local
magic information digging. For instance, we check whether the IP is in
our constituency and then access MySQL databases via perl DBI module to
gather detailed information on our customer.
Hope this helps,
Gorazd
--
Gorazd Bozic <gorazd.bozic at arnes.si>
ARNES SI-CERT, Jamova 39 p.p. 7, SI-1001 Ljubljana, Slovenia
tel: +386 1 479 88 22, fax: +386 1 479 88 99
More information about the Rtir
mailing list