Bind 9 日志记录用户请求域名解析,不知道对不对,但是日志结果记录了用户请求的域名、用户的IP地址、用户请求的时间,日志结果:
((((((06-Nov-2010 15:57:18.639 security: client 192.168.1.188#59500: view edu: request is not signed
06-Nov-2010 15:57:18.639 security: client 192.168.1.188#59500: view edu: recursion available
06-Nov-2010 15:57:18.639 security: client 192.168.1.188#59500: view edu: query (cache) '' approved
06-Nov-2010 15:57:20.640 security: client 192.168.1.188#59501: view edu: request is not signed
06-Nov-2010 15:57:20.640 security: client 192.168.1.188#59501: view edu: recursion available
06-Nov-2010 15:57:20.640 security: client 192.168.1.188#59501: view edu: query (cache) '' approved
06-Nov-2010 15:57:20.977 security: client 192.168.1.188#59502: view edu: request is not signed
06-Nov-2010 15:57:20.977 security: client 192.168.1.188#59502: view edu: recursion available
06-Nov-2010 15:57:20.977 security: client 192.168.1.188#59502: view edu: query (cache) '' approved
06-Nov-2010 15:57:20.978 security: client 192.168.1.188#59503: view edu: request is not signed
06-Nov-2010 15:57:20.978 security: client 192.168.1.188#59503: view edu: recursion available
06-Nov-2010 15:57:20.978 security: client 192.168.1.188#59503: view edu: query (cache) '' approved
))))))
关于日志选项配置:
# more /etc/bind/named.conf.options
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
logging {
channel query_log {
file "query.log" versions 4 size 20m;
severity debug 3;
print-time yes;
print-category yes;
};
category security {
query_log;
};
};
#
阅读(7023) | 评论(0) | 转发(0) |