update-security In message <of5ab352c4.0be87f82-on85257905.0063bdb6-85257905.0065b...@e1b.org>, wbr...@e1b.org writes: > Running an Ubuntu server with the distro provided named 9.4.2.df. After > taking ISC's Intro to DNS and BIND class, I've gotten the courage to > tackle some of the logging tweaks I would like. All the lame server > errors are happily being delivered to the null channel. I also figured > out how to log queries for troubleshooting and keep it from filling the > hard drive. > > On one of our servers, there are a number of Windows systems that are > attempting to update zones which we do not allow. It is not possible to > get all those machines changed to turn off this "feature." I thought I > should be able change the logging to deliver these messages to a custom > channel for testing, and then change it to the null channel when I was > satisfied with the results. Unfortunately, it doesn't work. > > Here is the copy of my logging statement: > > > logging { > > channel query_log { > file "query.log" > versions 3 > size 20m; > print-time yes; > print-category yes; > print-severity yes; > }; > > // category queries { query_log; }; > > > // Send all lame server errors to the null channel > category lame-servers { null; }; > > // send all dynamic update messages to the null channel > // too bad it don't work! > category update { query_log; }; > }; > > Logged messages are like this: > > Sep 8 14:09:22 ns1 named[19392]: client 172.19.161.22#53489: update > '19.172.IN-ADDR.ARPA/IN' denied > > In addition to the update category, I tried client and security > categories. Errors continued to be logged in /var/log/daemon.log instead > of query.log (eventually null). > > Any suggestions? > > -- > > William Brown > Web Development & Messaging Services > Technology Services, WNYRIC, Erie 1 BOCES > > > > > Confidentiality Notice: > This electronic message and any attachments may contain confidential or > privileged information, and is intended only for the individual or entity > identified above as the addressee. If you are not the addressee (or the > employee or agent responsible to deliver it to the addressee), or if this > message has been addressed to you in error, you are hereby notified that > you may not copy, forward, disclose or use any part of this message or any > attachments. Please notify the sender immediately by return e-mail or > telephone and delete this message from your system. > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users