Maintained by: NLnet Labs

[Unbound-users] [wishlist] unbound vs djbdns

W.C.A. Wijngaards
Wed Jun 15 10:25:29 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Andreas,

On 06/15/2011 09:03 AM, Andreas Schulze wrote:
> Hello,
> 
> I also miss the logging feature.

> Why I am advised to do so as dnsmaster ?
> 
>> ...which would be a good reason for unbound to do the logging itself.  
>> Unbound has already parsed the DNS packet, by necessity.
> +1

Once it has parsed the query, I could print it, the simplest way:
Jun 15 10:03:05 unbound[25547:0] info: ::1 <www.nlnetlabs.nl. A IN>
Jun 15 10:03:10 unbound[25547:0] info: ::1 <www.nlnetlabs.com. A IN>
Jun 15 10:03:12 unbound[25547:0] info: ::1 <www.nlnetlabs.com. MX IN>

Here I perform a couple of queries from ::1.

But it is very simple:
It would be printed for cache response and for non-cache-response.
It would not do escaping, weird characters become '?' (not \123).
It is logged to the regular log channel. (at LOG_INFO level).
I can change the format a little, remove the <>

Patch that does this is:
- --- daemon/worker.c     (revision 2428)
+++ daemon/worker.c     (working copy)
@@ -775,6 +775,11 @@
                server_stats_insrcode(&worker->stats, c->buffer);
                return 1;
        }
+       if(1) {
+               char ip[128];
+               addr_to_str(&repinfo->addr, repinfo->addrlen, ip,
sizeof(ip));
+               log_nametypeclass(0, ip, qinfo.qname, qinfo.qtype,
qinfo.qclass);
+       }
        if(qinfo.qtype == LDNS_RR_TYPE_AXFR ||
                qinfo.qtype == LDNS_RR_TYPE_IXFR) {
                verbose(VERB_ALGO, "worker request: refused zone
transfer.");

So, most of the work would be for the option to turn it on and off, and
the cost is again, the if statement that tests for this option.  This
would be an if statement that is tested for every query, hence slowing
down when it is not turned on.  Not sure if this is worth it.

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJN+Gx5AAoJEJ9vHC1+BF+N2k4P/2Z3Tr/HVjdYBHSOkMKctJex
syrH9hlH2Fk9qoTrnacLE39TgBnc1FGjSzJ9cSi3LUM0t60gA0jud6S1ddcURdgN
yI+EkMkizAz7HCQzvGyufHhCnzQCZbFu6gOqQaxGjsAlVU397zQvwnpIyJXU++Rj
m75Cm/XlxAacTVX0AimDx2LJmrV5hBW3wKEU9itVnl3hfqc04Uc/MTTX7d7/s1xJ
8uTimgeLV+6alBPDcwxk1L2C4qtHGcsJi4QloNKwmMGwI89SwrwG+beVXLRamX6D
unb2iGbXHYjCiH9bh4l4gBWeHmiyBTVd/1kjTsDFiTl3V4bgW+jOrcNZdq4Fsav3
gsEVQWN1BpK2WXbjnXkikwDvXnY5GU5wlHX29cxVCSSnE88QG0kAvzMUQwwpGnsf
sfc2ooEqmYugfbkPDgep3YfEUAZwZmyfmLwD/6xuAGY1E3El/H7v48Uy89ViYffW
Markpu+BCsvX+QPRs+KQtFuGgoMLtijEUxpegNLmObIuXOTDDFKihfWX8JiPPetN
tOalHaRTxSLbFvKyjfStpaW/M3bxxECAf7axDc/56dqLFJkuHYIQ8/h/r9UnikL9
KmRlv05fMzesqdtCzyRxdfZgGiMexILo7RvAo+UiFUrlRO4eAqIrvbV0PgtSjdVz
slfKsnuF6aAhk5fTQ0K2
=baAc
-----END PGP SIGNATURE-----