ask about bind9 logging function: How can I log the service port number (eg. 53, 443, 853) in my log of `queries` category

Petr Špaček pspacek at isc.org
Tue Nov 26 13:36:43 UTC 2024 

On 26. 11. 24 10:08, n/a via bind-users wrote:
> I am a new user in bind9.
> 
> I have setup my DNS server with port 53, port 443 (DoH), and port 853 
> (DoT). And now, in my logging file of `queries` category, one query 
> example shows as below:
> 
> 26-Nov-2024 03:55:41.524 queries: info: client @0x7f21ba9b3000 
> 111.11.11.109#61713 (ust.hk <http://ust.hk/>): query:ust.hk <http:// 
> ust.hk/>IN A +E(0)TK (111.111.111.999)
> 
> For the|queries|​ log like this, how can I print the service port number 
> used by the client? For example, for this|queries|​ log, what I want to 
> get is with the service port number as below:
> 26-Nov-2024 03:55:41.524 queries: info: client @0x7f21ba9b3000 
> 111.11.11.109#61713 (ust.hk <http://ust.hk/>): query:ust.hk <http:// 
> ust.hk/>IN A +E(0)TK (111.111.111.999#443)
> 26-Nov-2024 03:55:41.524 queries: info: client @0x7f21ba9b3000 
> 111.11.11.109#61713 (ust.hk <http://ust.hk/>): query:ust.hk <http:// 
> ust.hk/>IN A +E(0)TK (111.111.111.999#853)
> 26-Nov-2024 03:55:41.524 queries: info: client @0x7f21ba9b3000 
> 111.11.11.109#61713 (ust.hk <http://ust.hk/>): query:ust.hk <http:// 
> ust.hk/>IN A +E(0)K (111.111.111.999#53)
> 
> How should I set up the logging config options to log the service port 
> number?
> 
> I have searched for this question on Google, and asked ChatGPT, but I 
> only got answers to use other tools, like tcpdump. Is it possible to 
> just config bind9 named.conf.* for this?

Currently this is not possible, but I guess it is a legit feature request.

Please log it formally at
https://gitlab.isc.org/isc-projects/bind9/-/issues/new?issuable_template=Feature_Request

and we will have to find out if this is an 'incompatible' change or not. 
I don't know how many people rely on precise query log format, and if we 
decide that it is an incompatible change we will have to put this into 
9.21 branch only.

-- 
Petr Špaček
Internet Systems Consortium

More information about the bind-users mailing list