debug-level logging for channel security not working
Mark Andrews
Mark_Andrews at isc.org
Wed Nov 5 20:15:40 UTC 2008
In message <D302FA6A-37D9-4B57-A70B-B456F52A48C7 at siesa.ch>, Ulrich David writes
:
> Hi,
>
> On a fresh install with bind 9.4.2-P2 on gentoo linux I have log files
> full of security warnings like these :
> 05-Nov-2008 19:36:17.257 security: warning: client 213.221.X.
> 245#56406: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
> 05-Nov-2008 19:36:17.272 security: warning: client 213.221.X.
> 245#62695: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
> 05-Nov-2008 19:36:17.274 security: warning: client 213.221.X.
> 245#50338: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
> 05-Nov-2008 19:36:17.311 security: warning: client 213.221.X.
> 245#58331: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
Read the FAQ answer to:
Q: What does "RFC 1918 response from Internet for 0.0.0.10.IN-ADDR.ARPA" mean?
> I have set debuging level to 0 :
> /usr/sbin/named -u named -n 4 -d 0 -t /chroot/dns
>
> and my named config file contains :
>
> channel security {
> syslog local5;
> severity dynamic;
> print-time yes;
> print-severity yes;
> print-category yes;
> };
>
> I have tried to put the severity to "error" but the result is the
> same, I have warnings on security logs...
You need to associate the channel with the category for
it to have any effect. I suggest that you read the logging
section in the ARM.
> I add that query log is off.
>
> I have the same with the lame-server :
> 05-Nov-2008 19:36:16.577 lame-servers: info: unexpected RCODE
> (SERVFAIL) resolving 'host93-139-dynamic.19-87-
> r.retail.telecomitalia.it/A/IN': 151.99.125.5#53
> 05-Nov-2008 19:36:16.836 lame-servers: info: lame server resolving
> '205.24.174.195.in-addr.arpa' (in '24.174.195.in-addr.arpa'?):
> 62.248.103.11#53
>
> which is on severity "dynamic" too.
>
> Is it a small bug or miss I something?
>
> Regards
>
> David
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list