logging of desination ip-address ?
Barry Margolin
barmar at alum.mit.edu
Sun Feb 11 22:21:22 UTC 2007
In article <eqltdg$1npq$1 at sf1.isc.org>,
Danny Thomas <d.thomas at its.uq.edu.au> wrote:
> While bind9 allows fine-grained control of ip-address usage
> listen-on
> query-source
> transfer-source
> and so forth, the destination address is not logged.
>
> For example I recently wanted to find out whether
> cisco boomerang dns
> spurious ./NS (mainly from China)
> spurious A.ROOT-SERVERS.NET/A (from China & Japan)
> queries were arriving at the resolving or authoritative ip-address
> of our name-servers, and I ended up using tcpdump. Luckily there
> was at least one well-known source address for each of these types.
>
> I think it could be useful to have a compile-time option enabling
> whether query/update logging included destination ip/port.
Can't you do this with trace logging?
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list