Hi all, I have a question. You guys always like a lot of info before you answer. I could dump pages of it, but you would all gag and I but would probably get arrested for indecent exposure as well.
Hardware is Intel PD and higher. 1G memory is all I want. What dist am I on. BubbaCanBuildLinux Linux. (My personal source build) What kernel? Depends...but always most recent I can work with. 2.6.25.xx Gcc-4.2.1 binutils-2.17 glibc-2.5.1 Grsecurity Pax much more... Static Linking and Textrels are never legit here so I must fix a lot of bad code and I rarely share my questionable patches, out of kindness:) I have built and am running the latest PowerDNS Authoratative Server from SVN as of today. Pretty nice. I Didn't want or need the recursor as it would only present a conflict with my private zones on another installed DNS server. I just used the pdns proxy to redirect local queries to my ISP. It works... That info should narrow the playing field:) Where are the stinking access logs? I am at log level=9 as directed by the docs, and have a discrete file on local0. Notify and AXFR info is logged but no udp is ever logged except for errors. I will append what pdns says to this email. But: I get nothing to document client access and my firewall shows I am getting a lot of it. So do the stats. For the past year I have used a very personally hacked version of MyDNS, which would log every single access. Ancient program but made me very aware of how many of these dirtballs were wasting my bandwidth for their own purposes. I constantly have marketing monkeys (AKA: Spammers) and hackers hitting every zone for MX and A. Then I get crawled, poked, and prodded at my expense. And then they send their junk mail. 1..2..3 Always adds adds up to minus-1. What about forensics in the case of enterprise systems? Yes, logging all access IS very, very CPU intense, and certainly not advised in all cases. I personally want to see "What" queries are being made of my servers so I can modify my firewall to get rid of specific undesirable traffic. I should be able to turn this on and off at will but I don't think it is even in the code. If it is, it is not in the docs yet and I don't have a clue. Marty B. PS: Jul 11 13:10:29 Computer pdns[1786]: PowerDNS 3.0-svn (C) 2001-2007 PowerDNS.COM BV (Jul 11 2008, 12:19:04, gcc 4.2.1) starting up Jul 11 13:10:29 Computer pdns[1786]: PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2. Jul 11 13:10:29 Computer pdns[1786]: Set effective group id to 4101 Jul 11 13:10:29 Computer pdns[1786]: Set effective user id to 4101 Jul 11 13:10:29 Computer pdns[1786]: DNS Proxy launched, local port 50005, remote 127.0.0.1:53 Jul 11 13:10:29 Computer pdns[1786]: Master/slave communicator launching Jul 11 13:10:29 Computer pdns[1786]: Creating backend connection for TCP Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful Jul 11 13:10:29 Computer pdns[1786]: About to create 5 backend threads for UDP Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful Jul 11 13:10:29 Computer pdns[1786]: All slave domains are fresh Jul 11 13:10:29 Computer pdns[1786]: No master domains need notifications Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful Jul 11 13:10:29 Computer last message repeated 3 times Jul 11 13:10:29 Computer pdns[1786]: Done launching threads, ready to distribute questions -- Electile Dysfunction : the inability to become aroused over any of the choices for President put forth by either party in the 2008 election.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
