Didn't know the variable DoLookup existed. Looking through the code, it appears that only the service iptables makes use of it. (Services courier and pound seem to use it, but they define their own LookupIP function. Services named and secure have them commented out. )
The issue is that the variable needs to be defined inside the script; sshd currently does not. Try the following patch on your sshd script. Then you also need to define the following in /etc/logwatch/conf/services/sshd.conf: $sshd_ip_lookup = No
(Or use the value 0.) The value of sshd_ip_lookup is passed to the global DoLookup for the sshd script.
I am trying to figure out how to selectively disable hostname lookups for specific modules, like sshd.
The LookupIP function in Logwatch.pm appears to provide this functionality, saying
But for the life of me, I don't know what that means. I've tried adding various forms to my override.conf, including
None of which appeared to do anything. For now I've found a global option "numeric" to disable hostname lookups everywhere.
Didn't know the variable DoLookup existed. Looking through the code, it appears that only the service iptables makes use of it. (Services courier and pound seem to use it, but they define their own LookupIP function. Services named and secure have them commented out. )
The issue is that the variable needs to be defined inside the script; sshd currently does not. Try the following patch on your sshd script. Then you also need to define the following in
/etc/logwatch/conf/services/sshd.conf
:$sshd_ip_lookup = No
(Or use the value 0.) The value of sshd_ip_lookup is passed to the global DoLookup for the sshd script.