Fastresolve is a package of programs to process web log files to get DNS and domain ownership information for log analysis. It sends out many queries in parallel, and caches results, for speed. Its DNS resolver is about 10 times as fast as logresolve.pl from the Apache 1.3.9 distribution, and about 50 times as fast as logresolve.c from that distribution. It is 5-20 times as fast as the adnslogres program that comes with the adns library, and about 3 times as fast as jdresolve, which is a Perl program that uses similar algorithms.

Fastresolve is written in C++ and Perl. Versions of it have been tested on Linux-Mandrake 7.0-8.2, BSDI BSD/OS 4.0.1-4.3, FreeBSD 4.2-4.7, and Solaris 2.6-8 (sparc).

Fastresolve consists of the following programs:

dns-terror: Reads log files, resolves the IP addresses that are resolvable, and optionally writes the results back out. Optionally it reads and saves the results in a DB file.
reresolve: Makes another pass trying to resolve unresolved IP addresses in a DB file, using dns-terror.
convert-ip-db: Converts the DB file written by dns-terror into an ASCII Analog DNS cache file. This is an alternative to rewriting the (huge) log files with the IP addresses resolved in them. On the other hand, Analog then has to do lookups from its big DNS cache file.
getdominfo: Reads a list of host names, from either log files or a DB file, and queries a whois database for the organizations that own their domains. Writes the results to a second DB file.
convert-dom-db: Converts the DB file written by getdominfo into ASCII Analog config directives.
make-report: Runs the above programs and Analog to produce a web report.
rebuild-ip-db
rebuild-dom-db: Recreate the DB files from the ASCII files written by the convert-* scripts, for recovering from corrupted DB files.
expire-ip-db: Removes old entries from the DB file written by dns-terror.

Fastresolve requires the following:

Perl.: Any version 5 from the last few years should work.
A C++ compiler, such as GCC.: A recent version supporting the Standard Template Library is required. EGCS, GCC 2.95, or other recent GCC should work. (GCC 2.7.x is not recent enough; its support for exceptions is buggy.)
The Berkeley DB library, version 2.x-4.x.: It's probably best to get the latest (2.x, 3.x, or 4.x) version. The DB library must be configured with --enable-cxx in order to support the C++ interface. The version that comes with Linux glibc wasn't, so Linux users will need to supplement it. A suitable RPM is available for both 2.x and 3.x. Make sure to install the Perl BerkeleyDB module compiled against a compatible version of DB.
ADNS, an asynchronous resolver library.: Check for the latest version (1.0 as of this writing). Fastresolve comes with a patch to apply to ADNS to improve performance. An RPM including the patch is available.
zlib, a compression library.: Version 1.0.6 or newer is required.
Analog 3.0 or later.: Needed by make-report. If you use convert-dom-db then Analog 4.03 or later is recommended, because it fixes a performance problem when reading large numbers of SUBDOMAIN commands.

Fastresolve was developed at UUNET, a WorldCom company. It is distributed under the GNU General Public License.

Please send bug reports, improvements, suggestions, etc. to fastresolve-bugs@djmnet.org.