[Pdns-users] access log.

[marty]

Hi all,
I have a question.

You guys always like a lot of info before you answer.
I could dump pages of it, but you would all gag and I but would probably get
arrested for indecent exposure as well.

Hardware is Intel PD and higher. 1G memory is all I want.
What dist am I on. BubbaCanBuildLinux Linux. (My personal source build)
What kernel? Depends...but always most recent I can work with. 2.6.25.xx
Gcc-4.2.1 binutils-2.17 glibc-2.5.1 Grsecurity Pax much more...
Static Linking and Textrels are never legit here so I must fix a lot of bad code
and I rarely share my questionable patches, out of kindness:)

I have built and am running the latest PowerDNS Authoratative Server from SVN as
of today. Pretty nice. I Didn't want or need the recursor as it would only
present a conflict with my private zones on another installed DNS server. I just
used the pdns proxy to redirect local queries to my ISP. It works...

That info should narrow the playing field:)

Where are the stinking access logs? I am at log level=9 as directed by the docs,
 and have a discrete file on local0. Notify and AXFR info is logged but no udp
is ever logged except for errors. I will append what pdns says to this email.
But: I get nothing to document client access and my firewall shows I am getting
a lot of it. So do the stats.

For the past year I have used a very personally hacked version of MyDNS, which
would log every single access. Ancient program but made me very aware of how
many of these dirtballs were wasting my bandwidth for their own purposes.
I constantly have marketing monkeys (AKA: Spammers) and hackers hitting every
zone for MX and A. Then I get crawled, poked, and prodded at my expense.
And then they send their junk mail. 1..2..3  Always adds adds up to minus-1.

What about forensics in the case of enterprise systems? Yes, logging all access
IS very, very CPU intense, and certainly not advised in all cases.
I personally want to see "What" queries are being made of my servers so I can
modify my firewall to get rid of specific undesirable traffic. I should be able
to turn this on and off at will but I don't think it is even in the code. If it
is, it is not in the docs yet and I don't have a clue.

Marty B.

PS:
Jul 11 13:10:29 Computer pdns[1786]: PowerDNS 3.0-svn (C) 2001-2007 PowerDNS.COM
BV (Jul 11 2008, 12:19:04, gcc 4.2.1) starting up
Jul 11 13:10:29 Computer pdns[1786]: PowerDNS comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it according to the
terms of the GPL version 2.
Jul 11 13:10:29 Computer pdns[1786]: Set effective group id to 4101
Jul 11 13:10:29 Computer pdns[1786]: Set effective user id to 4101
Jul 11 13:10:29 Computer pdns[1786]: DNS Proxy launched, local port 50005,
remote 127.0.0.1:53
Jul 11 13:10:29 Computer pdns[1786]: Master/slave communicator launching
Jul 11 13:10:29 Computer pdns[1786]: Creating backend connection for TCP
Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful
Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful
Jul 11 13:10:29 Computer pdns[1786]: About to create 5 backend threads for UDP
Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful
Jul 11 13:10:29 Computer pdns[1786]: All slave domains are fresh
Jul 11 13:10:29 Computer pdns[1786]: No master domains need notifications
Jul 11 13:10:29 Computer pdns[1786]: gmysql Connection succesful
Jul 11 13:10:29 Computer last message repeated 3 times
Jul 11 13:10:29 Computer pdns[1786]: Done launching threads, ready to distribute
questions




-- 
Electile Dysfunction : the inability to become aroused over any of the
choices for President put forth by either party in the 2008 election.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20080711/04cad8c6/attachment.sig>