[ntp:questions] NTPQ -P shows both IP and DNS name (parsing problem)
david at ex.djwhome.demon.invalid
Tue Jun 20 16:38:46 UTC 2017
On 20/06/17 14:55, roman.mescheryakov at gmail.com wrote:
> -220.127.116.11 (tor1.mdfnet.se)
> See the line starting with “-18.104.22.168 (tor1.mdfnet.se)”
> This strange peer breaks extracting fields by index. For the above example it extracts “(“ as “refid” value instead of “22.214.171.124” and “29.118” as “offset” value instead of “-0.185”.
I think you are expected to use the relevant management request
directly, rather than parse output intended for humans. That would
avoid process startup, filtering, and DNS costs.
> Is this behaviour a bug or a feature?
Whilst I haven't looked at the code, I wonder if tor is Totally Off the
Record", in which case it is quite likely it doesn't reverse resolve
correctly. My guess is that it is displaying the information in this
form because the reverse resolved name doesn't match the one used, and
therefore indicates a possible security issue.
In this case, it looks like it reverse resolves to a non-existent domain
More information about the questions