On Tue, Mar 1, 2011 at 7:26 AM, Andy Graybeal <andy.grayb...@casanueva.com> wrote: > Greetings, > I'm wondering if there is a DNS forwarding log? I don't have a DNS server > installed here at the site, I use OpenDNS for my name servers. > > I have a machine that is requesting a website that supposedly is related to > malware according to OpenDNS. > > How would I figure out which machine this is on my network? I figure the > best way would be with a DNS forwarding log, but there isn't one... and I > don't know much about this stuff anyway and I'm eager to learn. >
If you can do some basic command line hacking, there is an option for dnsmasq to log all its queries with the -q option. Level of logging could get out of hand quickly, you'll probably have to log to a syslog server to be able to retain enough to find what you're looking for as the local logs on the system are circular and will overwrite themselves. --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org