Re: [Dnsmasq-discuss] [PATCH] log requests that aren't configured to be forwarded

2017-09-25 Thread Justin Grudzien 
Simon,

I see that you are back and wanted to bring this up again. We are using
DNSMasq within AWS to perform DNS whitelisting and I noticed that there is
no log line produced when a domain is NOT configured to be forwarded. I
think this patch should take care of it and would love to have it
considered.

Justin

On Wed, Jul 19, 2017 at 3:57 PM, Justin Grudzien 
wrote:

> I made a small mistake in the patch. Here is the fix!
>
> Justin
>
>
> On Wed, Jul 19, 2017 at 3:32 PM, Justin Grudzien 
> wrote:
>
>> I made a small update to the patch where it adds the IP address in the
>> log message. This will identify the server making the request for the
>> domain that is not configured to forward.
>>
>> Justin
>>
>>
>> On Mon, Jul 17, 2017 at 1:44 PM, Justin Grudzien 
>> wrote:
>>
>>> We are running DNSMasq to whitelist domains within AWS. We wanted all
>>> domains not in the whitelist to produce a log line to be forwarded to our
>>> SIEM. Our goal is to detect people attempting DNS attacks against us. Here
>>> is a patch that produces a simple log line if a forwarding is not
>>> attempted.
>>>
>>> I would love this to be added to the main codebase. It is a simple
>>> change and will allow others to track non-whitelisted domains.
>>>
>>> Justin
>>>
>>>
>>
>


add-logging-for-non-forwarded-domains.patch
Description: Binary data
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] log requests that aren't configured to be forwarded

2017-07-19 Thread Justin Grudzien 
I made a small mistake in the patch. Here is the fix!

Justin


On Wed, Jul 19, 2017 at 3:32 PM, Justin Grudzien 
wrote:

> I made a small update to the patch where it adds the IP address in the log
> message. This will identify the server making the request for the domain
> that is not configured to forward.
>
> Justin
>
>
> On Mon, Jul 17, 2017 at 1:44 PM, Justin Grudzien 
> wrote:
>
>> We are running DNSMasq to whitelist domains within AWS. We wanted all
>> domains not in the whitelist to produce a log line to be forwarded to our
>> SIEM. Our goal is to detect people attempting DNS attacks against us. Here
>> is a patch that produces a simple log line if a forwarding is not
>> attempted.
>>
>> I would love this to be added to the main codebase. It is a simple change
>> and will allow others to track non-whitelisted domains.
>>
>> Justin
>>
>>
>


add-logging-for-non-forwarded-domains.patch
Description: Binary data
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] log requests that aren't configured to be forwarded

2017-07-19 Thread Justin Grudzien 
I made a small update to the patch where it adds the IP address in the log
message. This will identify the server making the request for the domain
that is not configured to forward.

Justin


On Mon, Jul 17, 2017 at 1:44 PM, Justin Grudzien 
wrote:

> We are running DNSMasq to whitelist domains within AWS. We wanted all
> domains not in the whitelist to produce a log line to be forwarded to our
> SIEM. Our goal is to detect people attempting DNS attacks against us. Here
> is a patch that produces a simple log line if a forwarding is not
> attempted.
>
> I would love this to be added to the main codebase. It is a simple change
> and will allow others to track non-whitelisted domains.
>
> Justin
>
>


add-logging-for-non-forwarded-domains.patch
Description: Binary data
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss