Login/Register
Difficulty using Python's socket.gethostbyaddr()
Asked Answered
Solved pythonnetworkingdigpython-socketsgethostbyaddr
F

1

14

I am trying to reverse dns a list of IPs using socket.gethostbyaddr() in python, which returns 'Unknown Host' for some values, but using dig for the same ip returns the Hostname. Also, dig seems to be significantly faster than using python module, is there any specific reasons for that?

import socket

# This returns 'Unknown Host' 
name, alias, addresslist = socket.gethostbyaddr('114.143.51.197')
Fluviomarine answered 20/10, 2011 at 7:2 Comment(2)
gethostbyaddr works fine for me when I reverse 4.2.2.2. Please post code that has the problemOverhand
import socket name,alias,addresslist = socket.gethostbyaddr('114.143.51.197') This returns 'Unknown Host' whereas dig -x 114.143.51.197+short gives me the hostname. The nameserver for DNS resolution I used are 8.8.8.8 and 8.8.4.4, still no luck.Fluviomarine
O
19

From the comments...

whereas dig -x 114.143.51.197+short gives me the hostname.

I'm sorry, but you are mistaken. 114.143.51.197 does not have a PTR record... therefore socket.gethostbyaddr() should throw an error... To process this use-case correctly, add a try / except clause that traps socket.herror

>>> def dns_ptr_lookup(addr):
...     try:
...         return socket.gethostbyaddr(addr)
...     except socket.herror:
...         return None, None, None
...
>>> # At this time, 4.2.2.2 has a valid PTR
>>> name,alias,addresslist = dns_ptr_lookup('4.2.2.2')
>>> print(name)
vnsc-bak.sys.gtei.net
>>>
>>> # At this time, 114.143.51.197 does NOT have a valid PTR
>>> name,alias,addresslist = dns_ptr_lookup('114.143.51.197')
>>> print(name)
None
>>>

DNS reverse lookup for 114.143.51.197... note that it does not have a valid PTR record

[mpenning@Bucksnort ~]$ dig @8.8.8.8 -x 114.143.51.197

; <<>> DiG 9.6-ESV-R4 <<>> @8.8.8.8 -x 114.143.51.197
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4735
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;197.51.143.114.in-addr.arpa.   IN      PTR

;; AUTHORITY SECTION:
114.in-addr.arpa.       1800    IN      SOA     ns1.apnic.net. read-txt-record-of-zone-first-dns-admin.apnic.net. 17812 7200 1800 604800 172800

;; Query time: 182 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Nov 22 05:11:36 2011
;; MSG SIZE  rcvd: 134

[mpenning@Bucksnort ~]$ python
Python 2.5.2 (r252:60911, Jan 24 2010, 14:53:14)
[GCC 4.3.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket
>>> socket.gethostbyaddr('114.143.51.197')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.herror: (1, 'Unknown host')
>>>

This is what a valid PTR record should look like...

[mpenning@Bucksnort ~]$ dig -x 4.2.2.2

; <<>> DiG 9.6-ESV-R4 <<>> -x 4.2.2.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61856
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1

;; QUESTION SECTION:
;2.2.2.4.in-addr.arpa.          IN      PTR

;; ANSWER SECTION:
2.2.2.4.in-addr.arpa.   86400   IN      PTR     vnsc-bak.sys.gtei.net.

;; AUTHORITY SECTION:
2.4.in-addr.arpa.       86400   IN      NS      dnsauth2.sys.gtei.net.
2.4.in-addr.arpa.       86400   IN      NS      dnsauth1.sys.gtei.net.
2.4.in-addr.arpa.       86400   IN      NS      dnsauth3.sys.gtei.net.

;; ADDITIONAL SECTION:
dnsauth1.sys.gtei.net.  1800    IN      A       4.2.49.2

;; Query time: 308 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 22 05:10:16 2011
;; MSG SIZE  rcvd: 158

[mpenning@Bucksnort ~]$ python
Python 2.5.2 (r252:60911, Jan 24 2010, 14:53:14)
[GCC 4.3.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket
>>> socket.gethostbyaddr('4.2.2.2')
('vnsc-bak.sys.gtei.net', [], ['4.2.2.2'])
>>>
Overhand answered 22/11, 2011 at 11:15 Comment(1)
I get it.. I thought dig was providing me hostname whereas it wasnt. ThanksFluviomarine

© 2022 - 2024 — McMap. All rights reserved.