bwhite@oucsace.cs.ohiou.edu (William E. White ) (05/21/91)
Hate to interrupt the ongoing discussion of shared libraries, but ... I've got a little problem here. Basically we have a few different flavors of switches/servers that give connection reports using widely varying protocols. But that's not the problem. The problem is this. Let's say joeblow@132.235.1.2 is logging in from terminal #12 in room 422 in building X. The trace is as follows (in this example, 132.235.1.64 is a terminal server). X:422:12 -> Develcon port 9 -> 132.235.1.64 port 8 -> 132.235.1.2 is a small matter of programming. However, I can't trace any further than the host machine. I *can* do the trace by hand. In this example, if I do a netstat, I know for example that 132.235.1.64.7176 -> 132.235.1.2.telnet is the corresponding connection (why? because socket 7176 is 1c08 in hex; the last byte is the port number on the terminal server). So, what I need to be able to do is, have some kind of report program which will tell what a user's remote socket is. For example, in this case joeblow is connected to 132.235.1.2 on remote socket 7176. I can get the remote *host* from utmp; but not the remote socket. Ideally this program would be run everytime someone logged in and out, sending a small report off to the central logging system giving the username, the remote host, and the remote host's socket. I've been galloping through the netstat code, but my kernel knowledge is pretty close to nil. Obviously this information is kept *somewhere*, as telnetd and rlogind both use it to know where to route stuff. Any ideas? Please email responses. | Bill White +1-614-594-3434 | bwhite@oucsace.cs.ohiou.edu (normal) | | Standard login hours: | bwhite@view.cs.ohiou.edu (alternate) | | 1-3,5-7PM EST M-F (oucsace) | more info via `finger bwhite@view...' |