--- /dev/null
+Hi.\r
+\r
+To translate my routers netstat-nat output into names that actually talk\r
+to me I have started writing to simple shell scripts. They require \r
+\r
+log-queries\r
+log-facility=/var/log/dnsmasq.log\r
+\r
+to be set. With\r
+\r
+netstat-nat -n -4 | reverse_replace.sh \r
+\r
+I get retranslated output.\r
+\r
+Sincerely,\r
+Joachim\r
+\r
+\r
--- /dev/null
+#!/bin/bash
+# $Id: reverse_dns.sh 4 2015-02-17 20:14:59Z jo $
+#
+# Usage: reverse_dns.sh IP
+# Uses the dnsmasq query log to lookup the name
+# that was last queried to return the given IP.
+#
+
+IP=$1
+qmIP=`echo $IP | sed 's#\.#\\.#g'`
+LOG=/var/log/dnsmasq.log
+
+IP_regex='^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
+
+if ! [[ $IP =~ $IP_regex ]]; then
+ echo -n $IP
+ exit
+fi
+
+NAME=`tac $LOG | \
+ grep " is $IP" | head -1 | \
+ sed "s#.* \([^ ]*\) is $qmIP.*#\1#" `
+
+if [ -z "$NAME" ]; then
+ echo -n $IP
+else
+ echo -n $NAME
+fi
+
--- /dev/null
+#!/bin/bash
+# $Id: reverse_replace.sh 4 2015-02-17 20:14:59Z jo $
+#
+# Usage e.g.: netstat -n -4 | reverse_replace.sh
+# Parses stdin for IP4 addresses and replaces them
+# with names retrieved by reverse_dns.sh
+#
+
+DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
+DNS=$DIR/reverse_dns.sh
+
+# sed regex
+IP_regex='[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'
+
+while read LINE; do
+ if grep --quiet $IP_regex <<< "$LINE"; then
+ IPs=`sed "s#.*\b\($IP_regex\)\b.*#\1 #g" <<< "$LINE"`
+ IPs=($IPs)
+ for IP in "${IPs[@]}"
+ do
+ NAME=`$DNS $IP`
+ # echo "$NAME is $IP";
+ LINE="${LINE/$IP/$NAME}"
+ done
+ fi
+ echo $LINE
+done < /dev/stdin
+