No logging of failed queries
Gaurav Kansal
gaurav.kansal at nic.in
Wed Apr 14 09:38:47 UTC 2021
Hi Mark,
Is there a way, by which we can log denied statement w.r.t. view
somewhere in logging ?
Regards,
Gaurav
On 14/04/21 1:48 am, marka at isc.org wrote:
> Real world configurations would have a catch all view after the more
> specific views. Add one.
>
> --
> Mark Andrews
>
>> On 13 Apr 2021, at 22:41, Sachchidanand Upadhyay via bind-users
>> <bind-users at lists.isc.org> wrote:
>>
>>
>> Hi,
>>
>> I am using bind's geoip feature, created one ACL to allow country
>> IN. I am not getting logs of a failed query if the client IP is other
>> than than country IN.
>> Rest all is working fine, getting logs of successful queries.
>> Below find the config details:
>>
>> BIND 9.16.13 (Stable Release) <id:072e758>
>> running on Linux x86_64 3.10.0-1160.24.1.el7.x86_64 #1 SMP Thu Apr 8
>> 19:51:47 UTC 2021
>> built by make with '--prefix=/usr' '--sysconfdir=/etc'
>> '--localstatedir=/var' '--mandir=/usr/share/man'
>> '--with-libtool=/usr/lib64' '--disable-static' '--with-maxminddb'
>> compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-44)
>> compiled with OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
>> linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
>> compiled with libuv version: 1.41.0
>> linked to libuv version: 1.41.0
>> compiled with zlib version: 1.2.7
>> linked to zlib version: 1.2.7
>> linked to maxminddb version: 1.2.0
>> threads support is enabled
>>
>> default paths:
>> named configuration: /etc/named.conf
>> rndc configuration: /etc/rndc.conf
>> DNSSEC root key: /etc/bind.keys
>> nsupdate session key: /var/run/named/session.key
>> named PID file: /var/run/named/named.pid
>> named lock file: /var/run/named/named.lock
>> geoip-directory: /usr/share/GeoIP
>>
>>
>> acl "test" {
>> geoip country IN;
>> };
>>
>> options {
>> geoip-directory "path to geo db";
>>
>> view "local" {
>> match-clients { test; };
>> recursion yes;
>>
>> channel queries {
>> file "/var/log/queries";
>> print-time yes;
>> print-category yes;
>> print-severity yes;
>> };
>> category queries {
>> queries;
>> };
>> channel security {
>> file "/var/log/security";
>> print-time yes;
>> print-category yes;
>> print-severity yes;
>> };
>> category security {
>> queries;
>> };
>> channel query-errors {
>> file "/var/log/query-errors";
>> print-time yes;
>> print-category yes;
>> print-severity yes;
>> };
>> category query-errors {
>> query-errors;
>> };
>>
>>
>> BR,
>> Sachchidanand
>>
>>
>>
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> ISC funds the development of this software with paid support
>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>> information.
>>
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Thanks and Regards,
Gaurav Kansal
+91-9910118448
Disclaimer:
This e-mail and its attachments may contain official Indian Government information. If you are not the intended recipient, please notify the sender immediately and delete this e-mail. Any dissemination or use of this information by a person other than the intended recipient is unauthorized. The responsibility lies with the recipient to check this email and any attachment for the presence of viruses.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210414/8135206c/attachment.htm>
More information about the bind-users
mailing list