When running commands like netstat or snoop,, I would like not to reverse lookup because there are cases when either the number converts to name which converts to different number or the number converts to name which converts to multiple or unpredictable numbers.
However,, I still would like reverse lookups to continue for items in /etc/hosts
DNS settings, as a general rule, are machine-wide. You could turn off your DNS resolution, filter it, or give false answers -- but I bet you don't want to do that. I think your best answer is to run them with lookups disabled (e.g., netstat -n) and then run the output through a script that checks against /etc/hosts and does the proper replacements.
netstat has options that just return numbers without translating them e.g. netstat -n will return IP address, port, user as numbers; netstat --numeric-hosts will translate everything but the IP address.
My reading of the snoop man page suggests that it does capture the IP address, and you need to run a capture file through it with the -N flag to get hostname translation. This suggests that you may be using another tool reliant on snoop which is requesting the results use lookups to get hostnames.
Perhaps your question is a bit leading in naming those two tools. Can you give a bit more information on what you are trying to achieve here? Maybe you need to string a bunch of commands together to get exactly what you want. I think most unix network tools have a flag to toggle lookups.
As already stated, use netstat -n to disable name resolution. The corresponding option when capturing traffic with snoop is snoop -r, however, I believe it only appeared with OpenSolaris/Solaris 11 Express so might not be available to you should you use Solaris 10 or older..
i think if it was like linux in /etc/resolv.conf you have entry
order hosts,bind
hosts is to try hosts first, bind is to fallback on dns if /etc/hosts didnt succeed
