cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 8

Property to get client's hostname?

Jump to solution

Often src IP exceptions can be too static because of DHCP so I'm curious if there is a property that will do a reverse lookup on the connecting client IP and get the hostname so it can apply policy to it?  I did not see anything in a search of the properties or in the admin guide.  The "system.hostname" property resolved to the hostname of the proxy not the client. 

Thanks.

PS Using 7.0.1.4.0

Message was edited by: scottl on 9/14/10 3:20:04 PM CDT
1 Solution

Accepted Solutions
MSchneider
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8

Re: Property to get client's hostname?

Jump to solution

Hello,

we have:

DNS.Lookup
IP List
List of IP addresses found in a DNS lookup for the specified host name
String: Host name

and

DNS.Lookup.Reverse
String List
List of host names found in a reverse DNS lookup for the specified IP address
IP: IP address of the host name

But careful, in case there is an issue with DNS, browsing will automtically get slow as we need to do a lookup for the configured item. The DNS-cache will store results though.

thanks,

Michael

Michael Schneider
Senior Manager of PM
for Web Protection and UCE
(•‿•)

View solution in original post

7 Replies
MSchneider
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8

Re: Property to get client's hostname?

Jump to solution

Hello,

we have:

DNS.Lookup
IP List
List of IP addresses found in a DNS lookup for the specified host name
String: Host name

and

DNS.Lookup.Reverse
String List
List of host names found in a reverse DNS lookup for the specified IP address
IP: IP address of the host name

But careful, in case there is an issue with DNS, browsing will automtically get slow as we need to do a lookup for the configured item. The DNS-cache will store results though.

thanks,

Michael

Michael Schneider
Senior Manager of PM
for Web Protection and UCE
(•‿•)

View solution in original post

Former Member
Not applicable
Report Inappropriate Content
Message 3 of 8

Re: Property to get client's hostname?

Jump to solution

That was what I was looking for, my bad for missing it, and thanks for the help.

I used it so I it would do a lookup on any connecting client by referencing the Client.IP property in the parameter of DNS.Lookup.Reverse as below

DNS.Lookup.Reverse (Client.IP)....at least one in list...Blocked list

However, it looks like there are no wildcard lists permitted in the Operand, is that your opinion as well? I needed to put in the fully qualified DNS name for it to work, I tried "contains" as well. Although it is not case sensitive which is good.

MSchneider
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8

Re: Property to get client's hostname?

Jump to solution

If I understood correctly, then this shall work:

reverse.jpg

Sample rule set attached.

best,

Michael

Michael Schneider
Senior Manager of PM
for Web Protection and UCE
(•‿•)
Former Member
Not applicable
Report Inappropriate Content
Message 5 of 8

Re: Property to get client's hostname?

Jump to solution

Hi Michael,

Thank you very much for your usefull information.

I have another problem, I would like to write hostnames straight away into the access.log file, while the appliance is logging.

The problem is that I can't find the right way to use the DNS.Lookup.reverse or DNS.Lookup property to write these reversed hostnames within the access.log, because I guess this is the best way to have hostnames into webreporter.

Any help ?

Many Thanks

Former Member
Not applicable
Report Inappropriate Content
Message 6 of 8

Re: Re: Property to get client's hostname?

Jump to solution

I know this is 5 years too late but I was trying to write to the logs too but couldn't call DNS.Lookup.Reverse either, so I figure out a way to get it.  I creates a User-Defiend.ReverseDNS, and made it a list of strings to match what DNS.Lookup.Reverse returns, and then I did this for the event on all logs:


Set User-Defined.ReverseDNS = DNS.Lookup.Reverse(Client.IP)


Hope this saves other people some time, You also don't need to do the above as long as you convert the DNS.Lookup.Reverse from a List.OfString.ToString, but I like to have it stored so I could possibly use it in multiple places, without doing multiple lookups.

Thank you,

Brian

Former Member
Not applicable
Report Inappropriate Content
Message 7 of 8

Re: Property to get client's hostname?

Jump to solution

Hi Brain,

I need to write client host name on the log too. Could you kindly help to give me your example configuration or capture screen? Thanks.

Regards,

Akekarat C.

Former Member
Not applicable
Report Inappropriate Content
Message 8 of 8

Re: Property to get client's hostname?

Jump to solution

Hi Brain,

Now I can stamp host name to the log by adding "List.OfString.ToString (DNS.Lookup.Reverse (Client.IP), "")" to the event.

I try to change host name and see how long time WMG use for update information. I found it take time a few min.

Now I looking for an option for adjust time to be shorter. Do you have any idea? Thanks.

Regards,

Akekarat C.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community