Hello,
Trying to add some rules to the fail2ban list for BIND DNS. How do I enable logging in the /etc/named.conf file so that errors show up in the /var/log directory?
P.S. Is it smart to log BIND DNS or not, since the log file might grow too big?
On Thu, 2010-01-14 at 21:16 +0000, erik100 wrote:
> Hello,
>
> Trying to add some rules to fail2ban list for bind dns. How to enable
> logging in /etc/named.conf file, that errors will show in /var/log
> directory?
The reason that named logs are usually in /var/lib/named/logs
is because named is often run chroot’d. To move it would
be painful, but you could always symlink to it inside
of /var/log.
To manipulate named.conf to add logging options, you can
look at the BIND9 ARM or do some googling and look
for the logging section. For example, mine has:
logging {
    // Route each log category to one of the channels defined below.
    category update { update_log_file; };
    category security { security_log_file; };
    category default { log_file; };
    category xfer-in { log_file; };
    category xfer-out { log_file; };

    // Each file channel rotates at 2 MB and keeps 5 old versions,
    // so the logs cannot grow without bound.
    channel log_file {
        file "/var/lib/named/log/named.log" size 2M versions 5;
        severity info;
    };
    channel update_log_file {
        file "/var/lib/named/log/ddns.log" size 2M versions 5;
        severity info;
    };
    channel security_log_file {
        file "/var/lib/named/log/security.log" size 2M versions 5;
        severity info;
    };
};
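To show what fail2ban would do with the security channel above, here is an added example (not from the thread) that runs a fail2ban-style failregex over constructed BIND log lines and reports clients that exceed a maxretry threshold. It assumes the channel also has print-time, print-category and print-severity enabled so each line carries a timestamp and the "security:" prefix; the regex and sample lines are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the shape BIND 9 writes to a file channel
# when print-time/print-category/print-severity are on (assumption).
SAMPLE_LOG = """\
14-Jan-2010 21:16:03.101 security: info: client 192.0.2.10#4321: query (cache) 'example.com/A/IN' denied
14-Jan-2010 21:16:04.207 security: info: client 192.0.2.10#4322: query (cache) 'example.org/MX/IN' denied
14-Jan-2010 21:16:05.310 security: info: client 198.51.100.7#5353: query (cache) 'example.net/A/IN' denied
14-Jan-2010 21:16:06.412 security: info: client 192.0.2.10#4323: query (cache) 'example.com/AAAA/IN' denied
14-Jan-2010 21:16:07.520 security: info: client 192.0.2.10#4324: zone transfer 'example.com/AXFR/IN' denied
14-Jan-2010 21:16:08.600 general: info: zone example.com/IN: loaded serial 2010011401
"""

# fail2ban-style failregex (hypothetical): anchor on the security category
# and capture the client address that precedes the '#port' suffix.
FAILREGEX = re.compile(
    r"security: \w+: client (?P<host>\d{1,3}(?:\.\d{1,3}){3})#\d+: "
    r"(?:query|zone transfer) .*? denied$"
)


def match_line(line):
    """Return the client IP for a denied query/transfer line, else None."""
    m = FAILREGEX.search(line)
    return m.group("host") if m else None


def hosts_to_ban(log_text, maxretry=3):
    """Count denials per client and return those at or above maxretry,
    which is the decision fail2ban makes before calling the ban action."""
    counts = Counter()
    for line in log_text.splitlines():
        host = match_line(line)
        if host:
            counts[host] += 1
    return sorted(h for h, n in counts.items() if n >= maxretry)


if __name__ == "__main__":
    print(hosts_to_ban(SAMPLE_LOG))  # → ['192.0.2.10']
```

Because the channel only logs at severity info, denied queries are the signal fail2ban keys on; the "general" line is ignored, which is why a separate security channel keeps the filter simple.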