Maintained by: NLnet Labs

[Unbound-users] [wishlist] unbound vs djbdns

Phil Mayers
Tue Jun 14 13:45:17 CEST 2011


On 14/06/11 12:28, Kevin Chadwick wrote:
> On Tue, 14 Jun 2011 10:15:05 +0200
> W.C.A. Wijngaards wrote:
>
>> For the log file with queries have you thought about this:
>> tcpdump -i xl0 dst port domain and "(" dst host [your-resolver-IP] or
>> dst host [your-resolver-IP6] ")"
>
> For security reasons, you shouldn't really parse traffic on a production
> system, though you could write the logfile and do so offline.

...which would be a good reason for unbound to do the logging itself. 
Unbound has already parsed the DNS packet, by necessity.