debug-level logging for channel security not working
Ulrich David
david.ulrich at siesa.ch
Wed Nov 5 18:48:28 UTC 2008
Hi,
On a fresh install with bind 9.4.2-P2 on gentoo linux I have log files
full of security warnings like these :
05-Nov-2008 19:36:17.257 security: warning: client 213.221.X.
245#56406: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
05-Nov-2008 19:36:17.272 security: warning: client 213.221.X.
245#62695: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
05-Nov-2008 19:36:17.274 security: warning: client 213.221.X.
245#50338: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
05-Nov-2008 19:36:17.311 security: warning: client 213.221.X.
245#58331: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
I have set debuging level to 0 :
/usr/sbin/named -u named -n 4 -d 0 -t /chroot/dns
and my named config file contains :
channel security {
syslog local5;
severity dynamic;
print-time yes;
print-severity yes;
print-category yes;
};
I have tried to put the severity to "error" but the result is the
same, I have warnings on security logs...
I add that query log is off.
I have the same with the lame-server :
05-Nov-2008 19:36:16.577 lame-servers: info: unexpected RCODE
(SERVFAIL) resolving 'host93-139-dynamic.19-87-
r.retail.telecomitalia.it/A/IN': 151.99.125.5#53
05-Nov-2008 19:36:16.836 lame-servers: info: lame server resolving
'205.24.174.195.in-addr.arpa' (in '24.174.195.in-addr.arpa'?):
62.248.103.11#53
which is on severity "dynamic" too.
Is it a small bug or miss I something?
Regards
David
More information about the bind-users
mailing list