Logging my own lame delegations
Doug Barton
DougB at DougBarton.net
Mon Feb 11 09:27:19 UTC 2002
On Sun, 10 Feb 2002, Doug Barton wrote:
>
> For a variety of reasons, I sometimes discover names that have
> been delegated to my many name servers which I was not aware of. Most
> often this happens because rogue users just put my name servers in their
> applications, and most registrars don't check to see if the names are set
> up there.
>
> What I'd like to do is somehow log when I get a request for a
> domain that I'm not authoritative for.
Ok, I took a look at the code and unless I'm missing something,
this is actually a lot easier than I thought it would be. Adding a new
logging category seems to be really easy (just two lines) and I'm pretty
sure that I found the right place in the code to log the NXDOMAIN/NOERROR
answers that I want to log. At least, it works when I test it.
As an added attraction, since it was so easy to add a new logging
category, I added one for denied dynamic updates. With all those
misconfigured windows clients out there, and the question coming up so
often around here, I thought a category for this message seemed
reasonable. I know this is something _I_ want anyway.
I'd really like some peer review on these small patches, since
this is my first shot at hacking BIND code, and C isn't my "native
language," so to speak. So much the better if someone from ISC/Nominum
wants to take up the banner for these patches... I'll be happy to go
through the official feature request process if I have some assurance that
I'm on the right track.
Enjoy,
Doug
--
"We have known freedom's price. We have shown freedom's power.
And in this great conflict, ... we will see freedom's victory."
- George W. Bush, President of the United States
State of the Union, January 28, 2002
Do YOU Yahoo!?
-- Attached file included as plaintext by Ecartis --
-- File: named-logging.diff
diff -ur ../../../src-clean/bin/named/ns_defs.h ./ns_defs.h
--- ../../../src-clean/bin/named/ns_defs.h Mon Jan 28 19:59:35 2002
+++ ./ns_defs.h Mon Feb 11 01:06:34 2002
@@ -880,6 +880,9 @@
ns_log_maint,
ns_log_load,
ns_log_resp_checks,
+ ns_log_my_noanswer,
+ ns_log_my_nxdomain,
+ ns_log_denied_updates,
ns_log_control,
ns_log_max_category
} ns_logging_categories;
diff -ur ../../../src-clean/bin/named/ns_glob.h ./ns_glob.h
--- ../../../src-clean/bin/named/ns_glob.h Mon Nov 12 13:22:26 2001
+++ ./ns_glob.h Mon Feb 11 01:07:03 2002
@@ -308,6 +308,9 @@
{ ns_log_maint, "maintenance" },
{ ns_log_load, "load" },
{ ns_log_resp_checks, "response-checks" },
+ { ns_log_my_noanswer, "my-noanswer" },
+ { ns_log_my_nxdomain, "my-nxdomain" },
+ { ns_log_denied_updates, "denied-updates" },
{ ns_log_control, "control" },
{ 0, NULL }
}
diff -ur ../../../src-clean/bin/named/ns_req.c ./ns_req.c
--- ../../../src-clean/bin/named/ns_req.c Thu Jan 31 16:05:36 2002
+++ ./ns_req.c Mon Feb 11 01:13:31 2002
@@ -1501,6 +1501,13 @@
hp->rcode = ns_r_nxdomain;
ns_debug(ns_log_default, 3, "req: leaving (%s, rcode %d)",
dname, hp->rcode);
+
+ /* I want to log NXDOMAIN & ancount == 0 */
+ if (hp->ancount == 0)
+ ns_debug(ns_log_my_nxdomain, 0,
+ "req: returned NXDOMAIN, no answer for %s",
+ *dname ? dname : ".");
+
if (class != C_ANY) {
hp->aa = 1;
if (np && (!foundname || !founddata)) {
@@ -1556,6 +1563,12 @@
sin_ntoa(from), *dname ? dname : ".", p_class(class));
nameserIncr(from.sin_addr, nssRcvdURQ);
}
+
+ /* I want to log NOERROR & ancount == 0 */
+ if ((hp->rcode == NOERROR) && (hp->ancount == 0))
+ ns_debug(ns_log_my_noanswer, 0,
+ "req: returned NOERROR, no answer for %s",
+ *dname ? dname : ".");
/*
* If we successfully found the answer in the cache,
diff -ur ../../../src-clean/bin/named/ns_update.c ./ns_update.c
--- ../../../src-clean/bin/named/ns_update.c Wed Jan 2 16:25:02 2002
+++ ./ns_update.c Mon Feb 11 01:09:00 2002
@@ -1211,7 +1211,7 @@
*/
if (!ip_addr_or_key_allowed(zp->z_update_acl, from.sin_addr, in_key)) {
- ns_notice(ns_log_security,
+ ns_notice(ns_log_denied_updates,
"denied update from %s for \"%s\" %s",
sin_ntoa(from), *dname ? dname : ".", p_class(class));
nameserIncr(from.sin_addr, nssRcvdUUpd);
More information about the bind-users
mailing list