On 13/3/23 16:19, local10 wrote:
Bind seems to be listening on 127.0.0.1 port 53.
I don't have netstat installed and can't easily install it as aptitude can't
resolve Debian server's name to an IP, so the following is what I tried:
# telnet -4 127.0.0.1 53
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
#
#
# systemctl stopĀ named.service
#
#
# telnet -4 127.0.0.1 53
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
#
#
# systemctl restartĀ named.service
#
#
# telnet -4 127.0.0.1 53
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
#
At this stage I'd suggest wireshark but that won't be an option. Perhaps
tcpdump is available?
Another option might be to set up a forwarder such as 8.8.8.8 or 1.1.1.1.
You can also edit debug options into to /etc/bind/named.conf.options
|options { // other configuration options ... // Debug Options debug 1;
logging { channel debug_log { file "/var/log/bind9/debug.log" versions 3
size 5m; severity dynamic; print-time yes; print-severity yes;
print-category yes; }; category default { debug_log; }; }; // End debug
options }; |
--
Jeremy
(Lists)