I am still having this issue. Here is my current configuration: logging { channel log { file "/var/log/named/named.log" versions 10 size 100m; severity debug 9999; print-time yes; print-severity yes; print-category yes; }; category default { log; }; category queries { log; }; };
looks like I haven't changed anything since posting last. I can't imagine what I could though. And here is a sample transaction from today: 01-Dec-2008 11:01:14.952 general: debug 60: socket 0xb7f2f148 127.0.0.1#33193: packet received correctly 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: UDP request 01-Dec-2008 11:01:14.952 client: debug 5: client 127.0.0.1#33193: using view '_default' 01-Dec-2008 11:01:14.952 security: debug 3: client 127.0.0.1#33193: request is not signed 01-Dec-2008 11:01:14.952 security: debug 3: client 127.0.0.1#33193: recursion available 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: query 01-Dec-2008 11:01:14.952 queries: info: client 127.0.0.1#33193: query: www.solestruck.com IN A + 01-Dec-2008 11:01:14.952 client: debug 10: client 127.0.0.1#33193: ns_client_attach: ref = 1 01-Dec-2008 11:01:14.952 security: debug 3: client 127.0.0.1#33193: query ' www.solestruck.com/A/IN' approved 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: send 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: sendto 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: senddone 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: next 01-Dec-2008 11:01:14.952 client: debug 10: client 127.0.0.1#33193: ns_client_detach: ref = 0 01-Dec-2008 11:01:14.952 client: debug 3: client 127.0.0.1#33193: endrequest 01-Dec-2008 11:01:14.953 general: debug 60: socket 0xb7f2f148 127.0.0.1#33193: packet received correctly 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: UDP request 01-Dec-2008 11:01:14.953 client: debug 5: client 127.0.0.1#33193: using view '_default' 01-Dec-2008 11:01:14.953 security: debug 3: client 127.0.0.1#33193: request is not signed 01-Dec-2008 11:01:14.953 security: debug 3: client 127.0.0.1#33193: recursion available 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: query 01-Dec-2008 11:01:14.953 queries: info: client 127.0.0.1#33193: query: www.solestruck.com IN AAAA + 01-Dec-2008 11:01:14.953 client: debug 10: client 127.0.0.1#33193: ns_client_attach: ref = 1 01-Dec-2008 11:01:14.953 security: debug 3: client 127.0.0.1#33193: query ' www.solestruck.com/AAAA/IN' approved 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: send 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: sendto 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: senddone 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: next 01-Dec-2008 11:01:14.953 client: debug 10: client 127.0.0.1#33193: ns_client_detach: ref = 0 01-Dec-2008 11:01:14.953 client: debug 3: client 127.0.0.1#33193: endrequest 01-Dec-2008 11:01:14.954 general: debug 60: socket 0xb7f2f148 127.0.0.1#33193: packet received correctly 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: UDP request 01-Dec-2008 11:01:14.954 client: debug 5: client 127.0.0.1#33193: using view '_default' 01-Dec-2008 11:01:14.954 security: debug 3: client 127.0.0.1#33193: request is not signed 01-Dec-2008 11:01:14.954 security: debug 3: client 127.0.0.1#33193: recursion available 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: query 01-Dec-2008 11:01:14.954 queries: info: client 127.0.0.1#33193: query: www.solestruck.com IN MX + 01-Dec-2008 11:01:14.954 client: debug 10: client 127.0.0.1#33193: ns_client_attach: ref = 1 01-Dec-2008 11:01:14.954 security: debug 3: client 127.0.0.1#33193: query ' www.solestruck.com/MX/IN' approved 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: send 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: sendto 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: senddone 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: next 01-Dec-2008 11:01:14.954 client: debug 10: client 127.0.0.1#33193: ns_client_detach: ref = 0 01-Dec-2008 11:01:14.954 client: debug 3: client 127.0.0.1#33193: endrequest The result I'm looking for is "10.1.1.44" and this string does not appear in any of the logs at all. Anyone have any other ideas? thanks, -wes On Fri, Nov 28, 2008 at 11:28 AM, wes <[EMAIL PROTECTED]> wrote: > thanks for the info. I do indeed see tons and tons of messages from named. > I even see the query itself (what people are asking for). Just not the > result. It seems like I get everything except the result. > > -wes > > > On Fri, Nov 28, 2008 at 10:56 AM, ivan jr sy <[EMAIL PROTECTED]> wrote: > >> looks like an OK config for me. >> - you should be able to view the name being queried and from what source >> IP >> - debug10 = view the actual query (similar to dig) >> so you can grep the NXDOMAIN or the ANSWER >> >> are you able to view the log file? did it log the start-up processes of >> BIND? you should be able to see tons and tons of log messages even just on >> startup of named. >> >> note that logging queries will significantly impact the query response >> rate of the server. its a no no for production. on the other hand, your >> tcpdump script sounds elegant... >> >> >> --- On Sat, 11/29/08, wes <[EMAIL PROTECTED]> wrote: >> >> > From: wes <[EMAIL PROTECTED]> >> > Subject: logging query results >> > To: bind-users@lists.isc.org >> > Date: Saturday, November 29, 2008, 7:08 AM >> > I would like to know if it's possible to log the output >> > of each dns query. >> > I'd like to do this to catch failed queries so I can >> > see what people are >> > looking for, and not finding, and add it for them if it >> > should be there. I >> > recently lost my old dns server so I have to start from >> > scratch. >> > >> > This is my current logging configuration: >> > >> > logging { >> > channel log { >> > file "/var/log/named/named.log" >> > versions 10 >> > size 100m; >> > severity debug 9999; >> > print-time yes; >> > print-severity yes; >> > print-category yes; >> > }; >> > category default { log; }; >> > category queries { log; }; >> > }; >> > >> > as far as I can tell, this is set up to log everything >> > ever. but, I still >> > don't get the actual query result in the log. Is there >> > a way to do this? >> > >> > If not, that's ok, I'll set up a tcpdump script to >> > do it. but I thought I >> > would make sure there isn't a built-in method in bind >> > first. >> > >> > thanks for any advice. >> > >> > -wes >> > _______________________________________________ >> > bind-users mailing list >> > bind-users@lists.isc.org >> > https://lists.isc.org/mailman/listinfo/bind-users >> >> >> >> >
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users