Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
BIND logging[SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

PostPosted: Fri May 19, 2017 3:44 pm    Post subject: BIND logging[SOLVED] Reply with quote

I have a lot of messages like this in /var/log/messages:
Code:
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 10.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 16.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 17.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 18.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 19.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 20.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 21.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 22.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 23.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 24.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 25.172.IN-ADDR.ARPA
Mar 27 11:37:30 gentoo named[3123]: automatic empty zone: 26.172.IN-ADDR.ARPA
Are this harmful? Should I configure something differently?

Also, what do I have to do to get messages logged in say /var/log/named.log instead of /var/log/messages?
I'd like messages to be notified of start/stop and the fact that errors or warnings exist, but not voluminous standard messages.


Last edited by Tony0945 on Sat May 20, 2017 7:22 pm; edited 1 time in total
Back to top
View user's profile Send private message
theotherjoe
Guru
Guru


Joined: 22 Nov 2003
Posts: 393

PostPosted: Sat May 20, 2017 5:53 am    Post subject: Reply with quote

Tony0945,
regarding log destination for bind, have a look at the link article.
there is an example at the end:
http://www.zytrax.com/books/dns/ch7/logging.html

edit: and these are commented lines from an example
I used to get my named.conf going:
Code:
/*
logging {
        channel default_log {
                file "/var/log/named/named.log" versions 5 size 50M;
                print-time yes;
                print-severity yes;
                print-category yes;
        };

        category default { default_log; };
        category general { default_log; };
};
*/
Back to top
View user's profile Send private message
bunder
Bodhisattva
Bodhisattva


Joined: 10 Apr 2004
Posts: 5934

PostPosted: Sat May 20, 2017 10:05 am    Post subject: Reply with quote

Yes these are normal, they just mean you don't have a zone file for some of the RFC1918 blocks.
Back to top
View user's profile Send private message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

PostPosted: Sat May 20, 2017 4:22 pm    Post subject: Reply with quote

theotherjoe,
Thank you for the link. I did already have the section you posted (Uncommented).
The link helped explain things. I accomplished my purpose by adding to /etc/syslog-ng/syslog-ng.conf:
Code:
destination namedlog { file("/var/log/named/named.log"); };
filter f_BIND { program(named); }; /* f_named was illegal for some reason */
log { source(src); filter(f_BIND); destination(namedlog); };

With that change, the early logging that is sent to /var/log/messages is re-directed to /var/log/named/named.log
Back to top
View user's profile Send private message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

PostPosted: Sat May 20, 2017 4:23 pm    Post subject: Reply with quote

bunder wrote:
Yes these are normal, they just mean you don't have a zone file for some of the RFC1918 blocks.


Should I have a zone file? Or should I just ignore the messages now that they don't clutter /var/log/messages?
Back to top
View user's profile Send private message
bunder
Bodhisattva
Bodhisattva


Joined: 10 Apr 2004
Posts: 5934

PostPosted: Mon May 22, 2017 7:41 am    Post subject: Reply with quote

Tony0945 wrote:
bunder wrote:
Yes these are normal, they just mean you don't have a zone file for some of the RFC1918 blocks.


Should I have a zone file? Or should I just ignore the messages now that they don't clutter /var/log/messages?


It should only print those once when bind starts up, and you don't need a (reverse) zone file for a netblock which you don't use.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum