script to make dns lookups?
I'm sure this can be done very simply with a little script action, but I'm not quite sure how to go about doing it. Any ideas or suggestions would be appreciated.
What I'm trying to do, is take the output from my firewall, and get dns lookups for the numeric IPs it reports. here is a sample output:
UTC 11/05/2005 16:21:24.208 - UDP packet dropped - Source:66.41.222.112, 26240, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:24:01.688 - UDP packet dropped - Source:221.5.251.172, 41641, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:25:13.944 - UDP packet dropped - Source:221.6.163.50, 60351, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:28:45.160 - UDP packet dropped - Source:66.21.22.50, 7183, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:34:27.432 - UDP packet dropped - Source:221.211.255.7, 32837, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
Id like it to simply run through the output, and replace any instances of dotted quads with the FQDN.
Thanks
What I'm trying to do, is take the output from my firewall, and get dns lookups for the numeric IPs it reports. here is a sample output:
UTC 11/05/2005 16:21:24.208 - UDP packet dropped - Source:66.41.222.112, 26240, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:24:01.688 - UDP packet dropped - Source:221.5.251.172, 41641, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:25:13.944 - UDP packet dropped - Source:221.6.163.50, 60351, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:28:45.160 - UDP packet dropped - Source:66.21.22.50, 7183, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
UTC 11/05/2005 16:34:27.432 - UDP packet dropped - Source:221.211.255.7, 32837, WAN - Destination:my.ip.addy, 1026, WAN - Port: 1026 - Rule 73
Id like it to simply run through the output, and replace any instances of dotted quads with the FQDN.
Thanks
