I made a small update to the patch where it adds the IP address in the log
message. This will identify the server making the request for the domain
that is not configured to forward.

Justin


On Mon, Jul 17, 2017 at 1:44 PM, Justin Grudzien <jgrudz...@journera.com>
wrote:

> We are running DNSMasq to whitelist domains within AWS. We wanted all
> domains not in the whitelist to produce a log line to be forwarded to our
> SIEM. Our goal is to detect people attempting DNS attacks against us. Here
> is a patch that produces a simple log line if forwarding is not
> attempted.
>
> I would love this to be added to the main codebase. It is a simple change
> and will allow others to track non-whitelisted domains.
>
> Justin
>
>

Attachment: add-logging-for-non-forwarded-domains.patch
Description: Binary data

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
