question about blocking specific log entries.
Chris Thompson
cet1 at cam.ac.uk
Fri Oct 17 10:59:14 UTC 2008
Shawn,
In the context of your query
> How do I keep these entries from being logged?
>
> -------------------
> named[27910]: client 10.57.1.229#56074: query
> '1.0.0.127.dnsbugtest.1.0.0.127.in-addr.arpa/PTR/IN' denied
> -------------------
Mark Andrews wrote (tersely, as is his wont)
> One could also just stop blocking the queries.
It's a really good question as to why you *are* blocking them.
There would probably be a lot fewer of them if you gave the
expected response (NXDOMAIN).
Presumably this is a recursive nameserver. What does its
configuration look like? If you were running BIND 9.4.x or
later you would get an automatic empty zone for 127.in-addr.arpa,
unless you went out of your way to disable it. If you are using
something older then it's good practice to have an explicit
empty zone (or one just for resolving 1.0.0.127.in-addr.arpa
to "localhost").
--
Chris Thompson
Email: cet1 at cam.ac.uk
More information about the bind-users
mailing list