AGREE! I'm no expert at this, but when I did do it long ago with my own personal web server, Apache just logged IPs and the Perl script I wrote for post log processing (and long since lost) did name resolution, concatenation and statistics and emailed summary to me.
As long as we're on the topic of name resolution, you may not *yet* care about IPv6, but rather than rewriting your code later when you do, start with the address family independent resolution calls rather than the legacy ones:
- gethostbyname => getnameinfo
- gethostbyaddr => getaddrinfo
- inet_ntoa => inet_ntop
- inet_aton => inet_pton
Perl Socket module has had support since around version 1.94 (Perl 5.14 or there-abouts). A brief example that can be reduced but should be compatible with Socket modules of a certain earlier version that had the new routines, but no IPv6 support:
#!/usr/bin/perl
use strict;
use warnings;
use Socket qw(inet_ntoa AF_INET IPPROTO_TCP);
my $AF_INET6 = eval { Socket::AF_INET6() };
my $AF_UNSPEC = eval { Socket::AF_UNSPEC() };
my $AI_NUMERICHOST = eval { Socket::AI_NUMERICHOST() };
my $NI_NUMERICHOST = eval { Socket::NI_NUMERICHOST() };
# Required for reverse lookup
my $NI_NAMEREQD = eval { Socket::NI_NAMEREQD() };
my %hints = (
family => $AF_UNSPEC,
protocol => IPPROTO_TCP
);
my ( $err, @getaddr ) = Socket::getaddrinfo( $ARGV[0], undef, \%hints
+);
if ( defined( $getaddr[0] ) ) {
for my $addr (@getaddr) {
my ( $err, $address )
= Socket::getnameinfo( $addr->{addr}, $NI_NUMERICHOST );
printf "getaddrinfo()/getnameinfo() Address = %s\n",
( defined($address) ) ? $address : $err;
# Reverse Lookup
my ( $host, $service );
( $err, $host, $service )
= Socket::getnameinfo( $addr->{addr}, $NI_NAMEREQD );
printf " |_> getnameinfo() Name = %s\n",
( defined($host) ) ? $host : $err;
}
} else {
print "$0: getaddrinfo() failed - error = $err\n";
}
and run ...
C:\> test.pl www.google.com
getaddrinfo()/getnameinfo() Address = 172.217.15.100
|_> getnameinfo() Name = iad30s21-in-f4.1e100.net
| 