debug-level logging for channel security not working

Mark Andrews Mark_Andrews at isc.org
Wed Nov 5 20:15:40 UTC 2008


In message <D302FA6A-37D9-4B57-A70B-B456F52A48C7 at siesa.ch>, Ulrich David writes
:
> Hi,
> 
> On a fresh install with bind 9.4.2-P2 on gentoo linux I have log files  
> full of security warnings like these :
> 05-Nov-2008 19:36:17.257 security: warning: client 213.221.X. 
> 245#56406: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
> 05-Nov-2008 19:36:17.272 security: warning: client 213.221.X. 
> 245#62695: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
> 05-Nov-2008 19:36:17.274 security: warning: client 213.221.X. 
> 245#50338: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa
> 05-Nov-2008 19:36:17.311 security: warning: client 213.221.X. 
> 245#58331: RFC 1918 response from Internet for 21.17.16.172.in-addr.arpa

	Read the FAQ answer to:

Q: 	What does "RFC 1918 response from Internet for 0.0.0.10.IN-ADDR.ARPA" mean? 

> I have set debuging level to 0 :
> /usr/sbin/named -u named -n 4 -d 0 -t /chroot/dns
> 
> and my named config file contains :
> 
> 	channel security {
> 		syslog local5;
>       		severity dynamic;
>     		print-time yes;
> 		print-severity yes;
> 		print-category yes;
> 	};
> 
> I have tried to put the severity to "error" but the result is the  
> same, I have warnings on security logs...

	You need to associate the channel with the category for
	it to have any effect.  I suggest that you read the logging
	section in the ARM.
 
> I add that query log is off.
> 
> I have the same with the lame-server :
> 05-Nov-2008 19:36:16.577 lame-servers: info: unexpected RCODE  
> (SERVFAIL) resolving 'host93-139-dynamic.19-87- 
> r.retail.telecomitalia.it/A/IN': 151.99.125.5#53
> 05-Nov-2008 19:36:16.836 lame-servers: info: lame server resolving  
> '205.24.174.195.in-addr.arpa' (in '24.174.195.in-addr.arpa'?):  
> 62.248.103.11#53
> 
> which is on severity "dynamic" too.
> 
> Is it a small bug or miss I something?
> 
> Regards
> 
> David
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org


More information about the bind-users mailing list