Bind 9.2.4 and logging
Jeff Reasoner
jeff.reasoner at mail.hccanet.org
Tue Mar 4 14:49:30 UTC 2008
I don't know that the other categories are material to what you're
trying to achieve. The logs will contain the source IP and query
regardless of whether it was for in-zone (authoritative) data or
answered out of cache.
I did the same thing last summer with 9.4.1-P1 and the following in
named.conf:
channel bind-queries {
file "/var/log/queries.log" versions 10 size 6m;
severity info;
};
I also did some backend scripting to pull out the unique source IPs so I
knew who I had to contact about changes.
On Mon, 2008-03-03 at 22:58 +0100, Henning Markussen wrote:
> Hi
>
> I'm trying to close down some DNS servers that currently are open to
> recursive requests.
> They are ruining bind 9.2.4
>
> In this process my plan was to determine what clients are using the
> servers as recursive name servers.
>
> I've found the category resolver, client and queries
>
> queries logs the queries ok - but nothing gets into the resolver or
> client category
>
> channel queries_log {
> file "/var/log/queries.log" versions 5 size 5m;
> print-time yes;
> severity dynamic;
> };
>
> channel resolver_log {
> file "/var/log/resolver.log" versions 5 size 5m;
> print-time yes;
> severity dynamic;
> };
>
> channel client_log {
> file "/var/log/client.log" versions 5 size 5m;
> print-time yes;
> severity dynamic;
> };
>
> category client { client_log; };
> category queries { queries_log; };
> category resolver { resolver_log; };
>
> Is there a category where I can log if a request is to the authoritative
> or to the recursive, or am I just not using the categories correct?
>
> Thank you for any input or ideas
>
> - Henning
--
Jeff Reasoner
HCCA
513 728-7902 voice
More information about the bind-users
mailing list