说明:配置-文章是转载的,留着我以后需要的时候再用。
默认named的日志功能是关闭的,可以使用rndc status查看,如下所示:
#rndc status
number of zones: 8
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
使用rndc querylog开启named的日志功能,如下所示:
#rndc querylog
#rndc status
number of zones: 8
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
下来在/var/named/chroot/var/named目录下创建一个named.log文件名,这个文件名字随便叫,创建完了后设置权限,如下所示:
#chown named.named /var/named/chroot/var/named/named.log
#chmod 755 /var/named/chroot/var/named/named.log
如果你开启了selinux还要设置相应权限,如果selinux状态为enforcing,你做如下设置,系统会提示named没有权限访问named.log文件,不论我做怎样修改,还是提示无权限,最后我把selinux状态改为permissive状态,named的相关信息写入了named.log文件,但是selinux还是会警告用restorecon -v "./named.log"修改该文件的权限,我使用了restorecon命令后,哪个警告信息还是会出现的,怎么解决这个以后再说,如果你有好的建议,请说明一下。结果是如下所示:
#chcon -u system_u named.log
到此这个文件的相关设置就完成了,下来配置/etc/named.conf文件,在此文件里加入以下内容:
logging {
channel default_syslog { syslog local2; severity error; };
channel audit_log {
file "named.log" versions 3 size 20m;
severity info;
print-time yes;
print-category yes;
};
category default { audit_log; };
category general { audit_log; };
category security { audit_log; default_syslog; };
category config { default_syslog; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { audit_log; };
category lame-servers { audit_log; };
};
重启你的named进程,以后你的dns相关信息就会出现这个文件里!
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u1/36549/showart_1006860.html
****************************************************************
以下实例是我依据上面的理论添加的,的确成功了。
1:我的DNS配置文件/etc/named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
};
#logging {
# channel default_debug {
# file "data/named.run";
# severity dynamic;
# };
#};
logging {
channel default_syslog { syslog local2; severity error; };
channel audit_log {
file "named.log" versions 3 size 20m;
severity info;
print-time yes;
print-category yes;
};
category default { audit_log; };
category general { audit_log; };
category security { audit_log; default_syslog; };
category config { default_syslog; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { audit_log; };
category lame-servers { audit_log; };
};view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
*****蓝色部分就是日志配置了*******
2:查询
为了方便查找日志文件路径以及管理,统一放在/var/log ,我做了一个软链接:
ln -s /var/named/chroot/var/named/named.log /var/log/named.log
看一下,/var/log/named.log是空的,什么也没有
[root@www log]# tail named.log
[root@www log]# pwd
/var/log
验证一下,查询百度
[root@www /]#dig
[root@www log]# dig
; <<>> DiG 9.3.4-P1 <<>>
;; global options: printcmd
;; Got answer:
;; ->>HEADER
;; QUESTION SECTION:
; IN A
;; ANSWER SECTION:
. 547 IN CNAME .
. 600 IN A 119.75.213.61
. 600 IN A 119.75.216.30
;; AUTHORITY SECTION:
a.shifen.com. 85758 IN NS ns1.a.shifen.com.
a.shifen.com. 85758 IN NS ns3.a.shifen.com.
a.shifen.com. 85758 IN NS ns5.a.shifen.com.
a.shifen.com. 85758 IN NS ns6.a.shifen.com.
;; Query time: 66 msec
;; SERVER: 192.168.1.112#53(192.168.1.112)
;; WHEN: Fri Jun 19 14:54:05 2009
;; MSG SIZE rcvd: 162
再来看看/var/log/named.log
[root@www log]# tail named.log
19-Jun-2009 14:54:05.395 queries: client 192.168.1.112#53497: view localhost_resolver: query: IN A +
已经有日志记录了。
本地查询一下:
[root@www log]# nslookup
>
Server: 192.168.1.112
Address: 192.168.1.112#53
Name:
Address: 192.168.1.112
> 192.168.1.112
Server: 192.168.1.112
Address: 192.168.1.112#53
112.1.168.192.in-addr.arpa name = .
>
本地查询记录也有了
再来看看 /var/log/named.log
[root@www log]# tail named.log
19-Jun-2009 14:54:05.395 queries: client 192.168.1.112#53497: view localhost_resolver: query: IN A +
19-Jun-2009 14:55:18.607 queries: client 192.168.1.112#57028: view localhost_resolver: query: IN A +
19-Jun-2009 14:55:23.182 queries: client 192.168.1.112#37790: view localhost_resolver: query: 112.1.168.192.in-addr.arpa IN PTR +
看看/var/log/messages 还有没有记录DNS记录.
[root@www log]# tail messages
Jun 19 14:41:42 www named[3099]: command channel listening on 127.0.0.1#953
Jun 19 14:41:42 www named[3099]: command channel listening on ::1#953
已经没有该DNS记录的信息了。说明DNS已经把日志输出在了专门的文件了。即
named.log
********************验证成功************************