[drupal-devel] [feature] Add IP lookup capabilities to the watchdog module

Matthew Hildebrand drupal.org at gosherm.org
Tue May 10 18:42:12 UTC 2005

I suggest contacting them via e-mail to verify that this is okay since you
couldn't find something specific on their website.

-----Original Message-----
From: baudolino [mailto:drupal-devel at drupal.org] 
Sent: Tuesday, May 10, 2005 12:36 PM
To: drupal.org at gosherm.org
Subject: [feature] Add IP lookup capabilities to the watchdog module

Issue status update for http://drupal.org/node/22494

 Project:      Drupal
 Version:      cvs
 Component:    watchdog.module
 Category:     feature requests
 Priority:     minor
-Assigned to:  Anonymous
+Assigned to:  baudolino
 Reported by:  baudolino
 Updated by:   baudolino
 Status:       patch

Regarding the TOS, the best that I could find on their website is

It seems to me they allow FREE queries using their website; from my
experience I know that you can do around 100 queries per day without a
having a FREE account on their website. They implemented the account
policy to prevent abuse from automatic bots doing tons of queries per
day, so the account is just a means of autentifying yourself as a real

If this patch is accepted, it seems to me that we'd have to give credit
for the service, as a common courtesy gesture. The search boxes they
provide on the link above have the "Powered by whois source" text
embedded, although they say at the bottom of the page "Feel free to
modify our search boxes on your own site."

BTW, let me assign this issue to myself, since I already suggested a


Previous comments:

May 9, 2005 - 23:27 : baudolino

Attachment: http://drupal.org/files/issues/watchdog.add_IP_lookup.diff (972

This small patch adds IP lookup capabilities to the watchdog module
using the free external site http://whois.sc. Basically, the IP becomes
clickable, and a new window opens which displays a lot of data about the
address in question. Might be useful for site administrators who need to
look at suspicious activites, spiders, harvesters etc.

I got this idea from the phpBB bulletin board software, which offers
this feature for administrators.

One line patch attached.


May 10, 2005 - 09:46 : kbahey

+1 for this patch.

Shouldn't target="blank" read target="_blank" (with under score)?


May 10, 2005 - 10:25 : Junyor

-1 for using the target attribute.  That's browsers UI functionality.


May 10, 2005 - 11:32 : Bèr Kessels

another -1 on target blank; As nielsen points out
(http://www.useit.com/alertbox/9605.html #9) opening new windows is 

"Opening up new browser windows is like a vacuum cleaner sales person
who starts a visit by emptying an ash tray on the customer's carpet.
Don't pollute my screen with any more windows, thanks (particularly
since current operating systems have miserable window management).



May 10, 2005 - 12:59 : baudolino

Attachment: http://drupal.org/files/issues/watchdog.add_IP_lookup_1.diff
(957 bytes)

Updated version, removed "target=_blank".


May 10, 2005 - 13:03 : chx

removed target? Then now I can +1 this.


May 10, 2005 - 13:10 : killes at www.drop.org

Why is this usefull? Can't you set up Apache to do the looking up?

Just two random questions.


May 10, 2005 - 13:42 : Chris Johnson

Several reasons:

1.  Yes, Apache can be configured to do this.  However, it is resource
intensive.  Apache would have to do a DNS reverse lookup request for
every IP address.  This is generally considered to be a bad idea on any
Apache server that has any kind of load.  Thus, it will be turned off on
most hosting arrangements.

2.  Not everybody runs Apache.  :-)

3.  It's convenient, somewhat useful and very lightweight to provide


May 10, 2005 - 13:46 : killes at www.drop.org

ok, more questions: How long is that service already there? How long
will it stay available? Does their TOS allow this kind of integration?


May 10, 2005 - 13:56 : kbahey

This is very useful. 

Not all apache installations enable DNS name resolution, and if you are
on a shared hosting that does not have it, you are out of luck.

This patch does the lookup selectively for links that are interesting
to the admin when viewing the logs.

Moreover, it provides way more info than just a name resolution every
did, or will do. You as the site admin can detect abuse, get
organization contacts, blacklisted status, ...etc.

whois.sc has been available for a while, and provides a lot of nifty
info. For example try http://whois.sc/drupal.org for some fun. Run it
on your domain and see more fun.

As far as ToS, this is something that needs to be checked.

More information about the drupal-devel mailing list