[Bro] issue with geoip lookups
ssmit7 at gmail.com
Fri Oct 5 05:38:01 PDT 2007
I'm using the GeoIP lookup functionality in 1.3 and everything looks to be
working fine, except that all the addresses are getting looked up
"backwards". For example, if Bro looks up the address 188.8.131.52, I will
get a log entry
Connection to: 184.108.40.206 (Westford, MA, US)
which does not match with the output of a manual lookup with geoiplookup.
However if I run 220.127.116.11 through geoiplookup, I get
GeoIP City Edition, Rev 0: US, MA, Westford
I have confirmed this with several different IPs. I'm running Bro 1.3.2 on
FreeBSD 6.2 with the ports install of GeoIP 1.4.3. Any suggestions?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro