2020-05-15 09:39:16 +00:00
|
|
|
package parser
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net"
|
|
|
|
|
|
|
|
|
|
log "github.com/sirupsen/logrus"
|
2023-06-13 11:16:13 +00:00
|
|
|
|
|
|
|
|
"github.com/crowdsecurity/crowdsec/pkg/types"
|
2020-05-15 09:39:16 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
/* All plugins must export a list of function pointers for exported symbols */
|
|
|
|
|
//var ExportedFuncs = []string{"reverse_dns"}
|
|
|
|
|
|
2022-07-28 14:41:41 +00:00
|
|
|
func reverse_dns(field string, p *types.Event, ctx interface{}, plog *log.Entry) (map[string]string, error) {
|
2020-05-15 09:39:16 +00:00
|
|
|
ret := make(map[string]string)
|
|
|
|
|
if field == "" {
|
|
|
|
|
return nil, nil
|
|
|
|
|
}
|
|
|
|
|
rets, err := net.LookupAddr(field)
|
|
|
|
|
if err != nil {
|
2022-07-28 14:41:41 +00:00
|
|
|
plog.Debugf("failed to resolve '%s'", field)
|
2022-11-07 09:36:50 +00:00
|
|
|
return nil, nil //nolint:nilerr
|
2020-05-15 09:39:16 +00:00
|
|
|
}
|
|
|
|
|
//When using the host C library resolver, at most one result will be returned. To bypass the host resolver, use a custom Resolver.
|
|
|
|
|
ret["reverse_dns"] = rets[0]
|
|
|
|
|
return ret, nil
|
|
|
|
|
}
|
2021-09-09 14:27:30 +00:00
|
|
|
|
|
|
|
|
func reverseDNSInit(cfg map[string]string) (interface{}, error) {
|
|
|
|
|
return nil, nil
|
|
|
|
|
}
|
