[nsd-users] Basic Logging Support Via Syslog
W.C.A. Wijngaards
wouter at NLnetLabs.nl
Tue Sep 1 07:19:15 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Lew,
You may already have considered this, but:
tcpdump -vv udp port 53 and "udp[11] & 0xf == 3"
which prints out all nxdomains passing the server,
this is not good enough for that purpose?
Best regards,
Wouter
On 08/31/2009 07:05 PM, Lew Payne wrote:
> I think I brought this up several years ago...
>
> I'd love to see basic logging support in nsd. Namely, the use of
> syslog calls to facilitate logging of basic data (request IP, query
> type, host name if any), especially for FAILED queries (ones that are
> NXDOMAIN). Looking at a log of failed queries tells you a lot about
> possible configuration errors (especially if migrating) and provides
> valuable insight into possible security issues (probes, etc).
>
> -Lew Payne
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkqcyvMACgkQkDLqNwOhpPjpzwCggNEX9VNtqE/GrqdJlHVJ57ij
D+EAn2p587PKXRRqVmTJvdP1Vo/o/HnX
=WeMu
-----END PGP SIGNATURE-----
More information about the nsd-users
mailing list