A. Schulze wrote:
Hi again,
this is my third and last patch I send today :-)
I compiled openldap with '--enable-rlookups' and set 'reverse-lookup on' in slapd.conf I like to see the remote hostname logged. That didn't work somehow. ( I wrote this patch months ago and could not describe the real problem anymore)
Anyway: the patch modify log output:
reverse-lookup off: conn=4846 fd=42 ACCEPT from IP=127.0.0.1:46058 (IP=127.0.0.1:389)
reverse-lookup on: conn=4191 fd=18 ACCEPT from localhost (IP=127.0.0.1:389)
I never tested with ldapi:// connections. Also I expect the patch is not optimal for performance. But it works here in a small environment.
Indeed, in a busy environment the DNS resolver itself is too slow for slapd. I've got no particular comment on this patch since I never enable reverse lookups. But IMO, this sort of thing is best left to a logfile postprocessor, because handling it directly in slapd will be too slow.