No logging of failed queries

Mark Andrews marka at isc.org
Tue Apr 13 20:18:51 UTC 2021 

Real world configurations would have a catch all view after the more specific views. Add one. 

-- 
Mark Andrews

> On 13 Apr 2021, at 22:41, Sachchidanand Upadhyay via bind-users <bind-users at lists.isc.org> wrote:
> 
> 
> Hi,
> 
>    I am using bind's geoip feature, created one ACL to allow country IN. I am not getting logs of a failed query if the client IP is other than than country IN.
>    Rest all is working fine, getting logs of successful queries. Below find the config details:
> 
> BIND 9.16.13 (Stable Release) <id:072e758>
> running on Linux x86_64 3.10.0-1160.24.1.el7.x86_64 #1 SMP Thu Apr 8 19:51:47 UTC 2021
> built by make with '--prefix=/usr' '--sysconfdir=/etc' '--localstatedir=/var' '--mandir=/usr/share/man' '--with-libtool=/usr/lib64' '--disable-static' '--with-maxminddb'
> compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-44)
> compiled with OpenSSL version: OpenSSL 1.0.2k-fips  26 Jan 2017
> linked to OpenSSL version: OpenSSL 1.0.2k-fips  26 Jan 2017
> compiled with libuv version: 1.41.0
> linked to libuv version: 1.41.0
> compiled with zlib version: 1.2.7
> linked to zlib version: 1.2.7
> linked to maxminddb version: 1.2.0
> threads support is enabled
> 
> default paths:
>   named configuration:  /etc/named.conf
>   rndc configuration:   /etc/rndc.conf
>   DNSSEC root key:      /etc/bind.keys
>   nsupdate session key: /var/run/named/session.key
>   named PID file:       /var/run/named/named.pid
>   named lock file:      /var/run/named/named.lock
>   geoip-directory:      /usr/share/GeoIP
> 
> 
> acl "test" {
>      geoip country IN;
> };
> 
> options {
>   geoip-directory  "path to geo db";
> 
> view "local" {
>                 match-clients {  test; };
>                 recursion yes;
> 
> channel queries {
>                 file "/var/log/queries";
>                 print-time yes;
>                 print-category yes;
>                 print-severity yes;
>                 };
>         category queries {
>                 queries;
>                 };
> channel security {
>                 file "/var/log/security";
>                 print-time yes;
>                 print-category yes;
>                 print-severity yes;
>                 };
>         category security {
>                 queries;
>                 };
> channel query-errors {
>                 file "/var/log/query-errors";
>                 print-time yes;
>                 print-category yes;
>                 print-severity yes;
>                 };
>         category query-errors {
>                 query-errors;
>                 };
> 
> 
> BR,
> Sachchidanand 
> 
> 
> 
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210414/f16c9723/attachment.htm>

More information about the bind-users mailing list