BIND LOGGING
------------

By default, logs from named are sent to /var/log/messages via syslog.

Let's make BIND log in a more detailed fashion.

On MASTER:

1. Create the log directory:

    # mkdir /etc/namedb/log
    # chown bind /etc/namedb/log

2. Edit /etc/namedb/named.conf, find the end of the "options" section, and
   create the "logging" section:

    options {
        ...
    };

    // - - - - - - - - - - - - - - - cut below - - - - - - - - - - - - - - -

    logging {
        // Channels

        channel transfers {
            file "/etc/namedb/log/transfers" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel notify {
            file "/etc/namedb/log/notify" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel dnssec {
            file "/etc/namedb/log/dnssec" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel query {
            file "/etc/namedb/log/query" versions 5 size 10M;
            print-time yes;
            severity info;
        };
        channel general {
            file "/etc/namedb/log/general" versions 3 size 10M;
            print-time yes;
            severity info;
        };

        // Categories

        category xfer-out { transfers; };
        category xfer-in { transfers; };
        category notify { notify; };

        category lame-servers { general; };
        category config { general; };
        category default { general; };
        category security { general; };
        category dnssec { dnssec; };

        // category queries { query; };

    };

    // - - - - - - - - - - - - - - - cut above - - - - - - - - - - - - - - -


   Save and exit the file, and TEST that it works:

    # named-checkconf /etc/namedb/named.conf

3. Now reconfig or restart bind:

    # rndc reconfig

   - Look into /etc/namedb/log/, and see if the files get created.

   If it doesn't work, try:

   - checking permissions for /etc/namedb/log
   - restarting named (/etc/rc.d/named restart)

4. Do a zone transfer of your own domain:

    # dig @master.grpX.ws.nsrc.org AXFR MYTLD
    ...

   - Verify that the transfer shows up in /etc/namedb/log/transfers:

    17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
    17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
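
Once the transfers channel is writing, the same file can be checked for transfers requested by hosts other than your secondaries. The Python script below is an added example, not part of the original exercise: it parses the line format shown above, and the allowed networks and the extra sample lines are constructed for illustration.

```python
import re
from datetime import datetime
from ipaddress import ip_address, ip_network

# Line format written by the "transfers" channel above (print-time yes).
LINE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"client (?P<ip>[0-9A-Fa-f:.]+)#(?P<port>\d+)[^:]*: "
    r"transfer of '(?P<zone>[^']+)/IN': (?P<kind>[AI]XFR) (?P<event>started|ended)"
)

# Constructed sample: the first two lines are the ones from the exercise,
# the last two are invented (documentation addresses) for the demonstration.
SAMPLE = """\
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
17-Feb-2011 11:20:02.118 client 192.0.2.53#40112: transfer of 'MYTLD/IN': IXFR started
17-Feb-2011 11:42:40.907 client 203.0.113.9#52144: transfer of 'MYTLD/IN': AXFR started
""".splitlines()


def unexpected_transfers(lines, allowed_nets):
    """Return (time, client, zone, kind) for each transfer that was started
    by a client outside allowed_nets. Lines that do not match are skipped."""
    nets = [ip_network(n) for n in allowed_nets]
    hits = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m or m["event"] != "started":
            continue
        addr = ip_address(m["ip"])
        if any(addr in net for net in nets):
            continue
        when = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S.%f")
        hits.append((when, str(addr), m["zone"], m["kind"]))
    return hits


if __name__ == "__main__":
    # Assumption: localhost and one secondary at 192.0.2.53 may transfer.
    allowed = ["127.0.0.0/8", "192.0.2.53/32"]
    for when, client, zone, kind in unexpected_transfers(SAMPLE, allowed):
        print(f"{when:%Y-%m-%d %H:%M:%S} {kind} of {zone} by {client}")
```

To run it against the real log, pass `open("/etc/namedb/log/transfers")` instead of `SAMPLE`.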