Hello, I also miss the logging feature.
I also know, I could "tcpdump --foo --voodoo". But I do not want read tcpdump's interpretation of a dns packet. I like to see what unbound thinks about it. I also dislike running tcpdump as a parser with root privileges. Yes, I could capture as root and parse as nobody, but that's not comfortable! The suggested logging may be switched on/off via unbound-control. So the "fast path" is less involved. I simply want sometimes know, what questions a specific system asks. Without voodoo ... Anyway, as a postmaster, I would throw away any mailer which could not tell me who is sending/receiving mail. And I would not using tcpdump. As a webmaster, I would not use a webserver unable to to usual logging. And also nobody uses tcpdump. Why I am advised to do so as dnsmaster ? >> For security reasons, you shouldn't really parse traffic on a production >> system, though you could write the logfile and do so offline. > > ...which would be a good reason for unbound to do the logging itself. > Unbound has already parsed the DNS packet, by necessity. +1 -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Jörg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
