linux DNS 服务器日志配置

说明:配置-文章是转载的,留着我以后需要的时候再用。

默认named的日志功能是关闭的,可以使用rndc status查看,如下所示:

#rndc status

number of zones: 8

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/1000

tcp clients: 0/100

使用rndc querylog开启named的日志功能,如下所示:

#rndc querylog

#rndc status

number of zones: 8

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is ON

recursive clients: 0/1000

tcp clients: 0/100

server is up and running

下来在/var/named/chroot/var/named目录下创建一个named.log文件名,这个文件名字随便叫,创建完了后设置权限,如下所示:

#chown named.named /var/named/chroot/var/named/named.log

#chmod 755 /var/named/chroot/var/named/named.log

如果你开启了selinux还要设置相应权限,如果selinux状态为enforcing,你做如下设置,系统会提示named没有权限访问named.log文件,不论我做怎样修改,还是提示无权限,最后我把selinux状态改为permissive状态,named的相关信息写入了named.log文件,但是selinux还是会警告用restorecon -v "./named.log"修改该文件的权限,我使用了restorecon命令后,哪个警告信息还是会出现的,怎么解决这个以后再说,如果你有好的建议,请说明一下。结果是如下所示:

#chcon -u system_u named.log

到此这个文件的相关设置就完成了,下来配置/etc/named.conf文件,在此文件里加入以下内容:

logging {

channel default_syslog { syslog local2; severity error; };

channel audit_log {

file "named.log" versions 3 size 20m;

severity info;

print-time yes;

print-category  yes;

};

category default { audit_log; };

category general { audit_log; };

category security { audit_log; default_syslog; };

category config { default_syslog; };

category resolver { audit_log; };

category xfer-in { audit_log; };

category xfer-out { audit_log; };

category notify { audit_log; };

category client { audit_log; };

category network { audit_log; };

category update { audit_log; };

category queries { audit_log; };

category lame-servers { audit_log; };

};

重启你的named进程,以后你的dns相关信息就会出现这个文件里!

本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u1/36549/showart_1006860.html

****************************************************************

以下实例是我依据上面的理论添加的,的确成功了。

1:我的DNS配置文件/etc/named.conf

//

// named.caching-nameserver.conf

//

// Provided by Red Hat caching-nameserver package to configure the

// ISC BIND named(8) DNS server as a caching only nameserver

// (as a localhost DNS resolver only).

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

// DO NOT EDIT THIS FILE - use system-config-bind or an editor

// to create named.conf - edits to this file will be lost on

// caching-nameserver package upgrade.

//

options {

listen-on port 53 { any; };

listen-on-v6 port 53 { ::1; };

directory       "/var/named";

dump-file       "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port

// randomization

// query-source    port 53;

// query-source-v6 port 53;

allow-query     { any; };

};

#logging {

#        channel default_debug {

#                file "data/named.run";

#               severity dynamic;

#        };

#};

logging {

channel default_syslog { syslog local2; severity error; };

channel audit_log {

file "named.log" versions 3 size 20m;

severity info;

print-time yes;

print-category  yes;

};

category default { audit_log; };

category general { audit_log; };

category security { audit_log; default_syslog; };

category config { default_syslog; };

category resolver { audit_log; };

category xfer-in { audit_log; };

category xfer-out { audit_log; };

category notify { audit_log; };

category client { audit_log; };

category network { audit_log; };

category update { audit_log; };

category queries { audit_log; };

category lame-servers { audit_log; };

};view localhost_resolver {

match-clients      { any; };

match-destinations { any; };

recursion yes;

include "/etc/named.rfc1912.zones";

};

*****蓝色部分就是日志配置了*******

2:查询

为了方便查找日志文件路径以及管理,统一放在/var/log ,我做了一个软链接:

ln -s /var/named/chroot/var/named/named.log /var/log/named.log

看一下,/var/log/named.log是空的,什么也没有

[root@www log]# tail named.log

[root@www log]# pwd

/var/log

验证一下,查询百度

[root@www /]#dig

[root@www log]# dig

; <<>> DiG 9.3.4-P1 <<>>

;; global options:  printcmd

;; Got answer:

;; ->>HEADER

;; QUESTION SECTION:

; IN      A

;; ANSWER SECTION:

.          547     IN      CNAME   .

.       600     IN      A       119.75.213.61

.       600     IN      A       119.75.216.30

;; AUTHORITY SECTION:

a.shifen.com.           85758   IN      NS      ns1.a.shifen.com.

a.shifen.com.           85758   IN      NS      ns3.a.shifen.com.

a.shifen.com.           85758   IN      NS      ns5.a.shifen.com.

a.shifen.com.           85758   IN      NS      ns6.a.shifen.com.

;; Query time: 66 msec

;; SERVER: 192.168.1.112#53(192.168.1.112)

;; WHEN: Fri Jun 19 14:54:05 2009

;; MSG SIZE  rcvd: 162

再来看看/var/log/named.log

[root@www log]# tail named.log

19-Jun-2009 14:54:05.395 queries: client 192.168.1.112#53497: view localhost_resolver: query: IN A +

已经有日志记录了。

本地查询一下:

[root@www log]# nslookup

>

Server:         192.168.1.112

Address:        192.168.1.112#53

Name:

Address: 192.168.1.112

> 192.168.1.112

Server:         192.168.1.112

Address:        192.168.1.112#53

112.1.168.192.in-addr.arpa      name = .

>

本地查询记录也有了

再来看看 /var/log/named.log

[root@www log]# tail named.log

19-Jun-2009 14:54:05.395 queries: client 192.168.1.112#53497: view localhost_resolver: query: IN A +

19-Jun-2009 14:55:18.607 queries: client 192.168.1.112#57028: view localhost_resolver: query: IN A +

19-Jun-2009 14:55:23.182 queries: client 192.168.1.112#37790: view localhost_resolver: query: 112.1.168.192.in-addr.arpa IN PTR +

看看/var/log/messages 还有没有记录DNS记录.

[root@www log]# tail messages

Jun 19 14:41:42 www named[3099]: command channel listening on 127.0.0.1#953

Jun 19 14:41:42 www named[3099]: command channel listening on ::1#953

已经没有该DNS记录的信息了。说明DNS已经把日志输出在了专门的文件了。即

named.log

********************验证成功************************

你可能感兴趣的:(linux服务,服务器,linux,网络)