No logging of failed queries
Mark Andrews
marka at isc.org
Tue Apr 13 20:18:51 UTC 2021
Real world configurations would have a catch all view after the more specific views. Add one.
--
Mark Andrews
> On 13 Apr 2021, at 22:41, Sachchidanand Upadhyay via bind-users <bind-users at lists.isc.org> wrote:
>
>
> Hi,
>
> I am using bind's geoip feature, created one ACL to allow country IN. I am not getting logs of a failed query if the client IP is other than than country IN.
> Rest all is working fine, getting logs of successful queries. Below find the config details:
>
> BIND 9.16.13 (Stable Release) <id:072e758>
> running on Linux x86_64 3.10.0-1160.24.1.el7.x86_64 #1 SMP Thu Apr 8 19:51:47 UTC 2021
> built by make with '--prefix=/usr' '--sysconfdir=/etc' '--localstatedir=/var' '--mandir=/usr/share/man' '--with-libtool=/usr/lib64' '--disable-static' '--with-maxminddb'
> compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-44)
> compiled with OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
> linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
> compiled with libuv version: 1.41.0
> linked to libuv version: 1.41.0
> compiled with zlib version: 1.2.7
> linked to zlib version: 1.2.7
> linked to maxminddb version: 1.2.0
> threads support is enabled
>
> default paths:
> named configuration: /etc/named.conf
> rndc configuration: /etc/rndc.conf
> DNSSEC root key: /etc/bind.keys
> nsupdate session key: /var/run/named/session.key
> named PID file: /var/run/named/named.pid
> named lock file: /var/run/named/named.lock
> geoip-directory: /usr/share/GeoIP
>
>
> acl "test" {
> geoip country IN;
> };
>
> options {
> geoip-directory "path to geo db";
>
> view "local" {
> match-clients { test; };
> recursion yes;
>
> channel queries {
> file "/var/log/queries";
> print-time yes;
> print-category yes;
> print-severity yes;
> };
> category queries {
> queries;
> };
> channel security {
> file "/var/log/security";
> print-time yes;
> print-category yes;
> print-severity yes;
> };
> category security {
> queries;
> };
> channel query-errors {
> file "/var/log/query-errors";
> print-time yes;
> print-category yes;
> print-severity yes;
> };
> category query-errors {
> query-errors;
> };
>
>
> BR,
> Sachchidanand
>
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210414/f16c9723/attachment.htm>
More information about the bind-users
mailing list