verbose last output?

verbose last output?

Post by Mark Hedg » Thu, 24 Apr 1997 04:00:00



I need to get the last program to extract more than 16 characters
of the incoming hostname or IP address. I have looked in several
manuals and the source code I could find, but have not been able
to figure out how to get last to extract more than 16 characters.

Response by e-mail is much appreciated. Though not an emergency
situation, the ability to determine the full source address of
every user's connection would be helpful. Please send your advice
if you know how to get this information out of the wtmp/wtmpx files
in Solaris 2.5.5. Thanks.

Mark Hedges
Infonex Internet Services

 
 
 

verbose last output?

Post by Matthew D. Hea » Sat, 26 Apr 1997 04:00:00




> I need to get the last program to extract more than 16 characters
> of the incoming hostname or IP address. I have looked in several
> manuals and the source code I could find, but have not been able
> to figure out how to get last to extract more than 16 characters.

Unfortunately, the information you seek does not exist, because the
/var/adm/wtmp data file (which is where 'last' gets its data)
uses a fixed-width field to store the address.  And since so many
programs depend on the hardcoded format of wtmp, changing it would
be a major nightmare.

So there is nothing the 'last' program can do about this -- it's just
a design mistake that was made pretty early in the history of Unix.
---------
As of 22 Apr 1997, 983 days till Y2K....

http://paella.med.yale.edu/~healy
"But I thought it was pointed at the rabbit *between* my feet!"
---------
Help a victim of severe email harrassment, see
http://www.geocities.com/~hitchcockc/story.html#fund
---------

 
 
 

verbose last output?

Post by Sylvain Robitail » Sun, 27 Apr 1997 04:00:00


On Fri, 25 Apr 1997 15:15:48 -0500,



>> I need to get the last program to extract more than 16 characters
>> of the incoming hostname or IP address. I have looked in several
>> manuals and the source code I could find, but have not been able
>> to figure out how to get last to extract more than 16 characters.

>Unfortunately, the information you seek does not exist, because the
>/var/adm/wtmp data file (which is where 'last' gets its data)
>uses a fixed-width field to store the address.  And since so many
>programs depend on the hardcoded format of wtmp, changing it would
>be a major nightmare.

>So there is nothing the 'last' program can do about this -- it's just
>a design mistake that was made pretty early in the history of Unix.

I think, depending on the particular OS, you might be able to get the IP
address of the remote host. The utmp on my personal computer, (running Linux),
saves the IP, although two other unices I regularly use, (digital 4.0, and
ultrix), don't.

So the original poster should check the utmp man page, to see what is being
saved, and the last man page for available options to last.

--
----------------------------------------------------------------------

Assistant to the System Manager
Computing Services Department
Concordia University                          Montreal, Quebec, Canada
----------------------------------------------------------------------

 
 
 

verbose last output?

Post by Ian Stirlin » Sun, 27 Apr 1997 04:00:00




:
: > I need to get the last program to extract more than 16 characters
: > of the incoming hostname or IP address. I have looked in several
: > manuals and the source code I could find, but have not been able
: > to figure out how to get last to extract more than 16 characters.
:
: Unfortunately, the information you seek does not exist, because the
: /var/adm/wtmp data file (which is where 'last' gets its data)
: uses a fixed-width field to store the address.  And since so many
: programs depend on the hardcoded format of wtmp, changing it would
: be a major nightmare.

Wouldn't a simple workaround be to get wtmp to store dotted quads?
:
: So there is nothing the 'last' program can do about this -- it's just
: a design mistake that was made pretty early in the history of Unix.
: ---------
: As of 22 Apr 1997, 983 days till Y2K....

: http://paella.med.yale.edu/~healy
: "But I thought it was pointed at the rabbit *between* my feet!"
: ---------
: Help a victim of severe email harrassment, see
: http://www.geocities.com/~hitchcockc/story.html#fund
: ---------

--
Ian Stirling.                     Currently designing a new PDA, see homepage.
Homepage:                         http://www.mauve.demon.co.uk/
A fight between good and evil, an epic battle. Darth vader and Luke,
suddenly in the middle of the fight, Darth pulls Luke to him, and whispers
"I know what you'r getting for christmas Luke" Luke exclaims "But how ??!?"
"It's true Luke, I know What you'r getting for christmas"
Luke tries to ignore this, but wrenches himself free, yelling "How could you
know this?", Vader replies "I felt your presents"

 
 
 

verbose last output?

Post by Matthew Bla » Tue, 29 Apr 1997 04:00:00




> I need to get the last program to extract more than 16 characters
> of the incoming hostname or IP address. I have looked in several
> manuals and the source code I could find, but have not been able
> to figure out how to get last to extract more than 16 characters.

You might try running tcp_wrappers.  That software will log the
complete hostname (or IP address when unknown) for all Telnet/FTP
connections.  It is an excellent security tool.

--matt

============================================================================
matthew black                   | the opinions expressed herein are mine and
network & systems specialist    | may not reflect those of my employer.
california state university     |

1250 bellflower boulevard       | PGP fingerprint: 98 4E DF BE 49 A8 DF 99
long beach, ca 90840            |                  6A 7A 1B F1 3E 50 E5 D2
=============================(c) 1997 by Matthew Black, all rights reserved=

 
 
 

1. Verbose output vs. discarding output

Shell is ksh

I want to add a [-v] switch to a shell function to either be verbose or,
in the absense of this switch, send all stdout and stderr to /dev/null.

What is the best practice for this?

Something like

[Use getopts or regular command line processing to set $verbose]

[[ ! -z $verbose ]] && output=/dev/fd/0 || output=/dev/null
exec 1>$output 2>&1
...

Does the 'exec' apply to the calling script as well? (I dont want it to)

Any other way to do this? Thanks

2. user can't write to anything

3. natd in verbose mode: strange output

4. Set TERM=vt100 not work on script???

5. How do I got more verbose output with sendmail?

6. IBM R6000(FLoppy boot?)

7. MPICH to display verbose SSH output

8. Australian site for downloading

9. kbuild: Smart notation for non-verbose output

10. cannot get all verbose ksh output into a log file

11. Weird 'last' output?

12. how to output all lines except last one of file?

13. Solaris 7 last command output doesn't show the full name of host