DNSTAP log local address #367
Merged
+324
−100
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
issue #365 https://github.com/NLnetLabs/unbound/files/5659923/patches.tar.gz from iruzanov. The merge conflicts are fixed, but no changes are made to the patched code.
and pass NULL to make tcp log compile.
do not know the interface at the time. Later when it knows the interface we do not have 'sq' with the zone name.
wcawijngaards
added a commit
that referenced
this pull request
Feb 25, 2021
gthess
added a commit
that referenced
this pull request
Feb 26, 2021
jedisct1
added a commit
to jedisct1/unbound
that referenced
this pull request
Feb 26, 2021
* nlnet/master: (103 commits) - Fix: Resolve interface names on control-interface too. - Fix for NLnetLabs#367: rc_ports don't have ub_sock; skip cleaning up. - Fix to allow rpz with wildcard that applies to all TLDs at once. Changelog note for NLnetLabs#365, NLnetLabs#367 and NLnetLabs#368. - Merge PR NLnetLabs#367 : DNSTAP log local address. With code from PR NLnetLabs#365 and fixes NLnetLabs#368 : dnstap does not log the DNS message ID for FORWARDER_QUERY. Fix comment item. Fix to use a simple pointer in the call of make_sock and make_sock_port. - spelling fix in header. - Fix unit test for added ulimit checks. - Fix function documentation. - On startup of unbound it checks if rlimits on memory size look sufficient for the configured cache size, and logs warning if not. - ipsecmod: Better logging for detecting a cycle when attaching the A/AAAA subquery. - Fix NLnetLabs#384: (1) A minor request to improve the log (2) A minor bug in one log message. - Fix for zonemd, do not reject insecure result from trust anchor validation step in dnssec chain of trust. - Fix for zonemd, that domain-insecure zones work without dnssec. Spelling fix. - Fix for zonemd, that nxdomain for the chain of trust is allowed for island zones, it is treates as an insecure zone for verification. - Fix NLnetLabs#431: Squelch permission denied errors for tcp connect - rpz skip nsec3param records, and nicer log for unsupported actions. - Fix NLnetLabs#429: rpz: url: with https: broken (regression in 1.13.1). - Fix doxygen and pydoc warnings. ...
|
Hello, Wouter! In the previous week i've downloaded tarball with source code of unbound-1.13.1 and did not find the code concerning of DNSTAP logging of local IP. Has this code removed from this version of Unbound? Why i'm asking - i'm just worried about future upgrades to the recent versions of Unbound. And in our project the logging of local IP over DNSTAP is of great importance. Big thank you in advance for answering! |
|
The code is present in the code repository, but has not been in a release tarball yet. The 1.13.1 release was from before the code merge. |
|
I got it! |
gthess
added a commit
that referenced
this pull request
Mar 22, 2021
gthess
added a commit
that referenced
this pull request
May 4, 2021
that are no longer on the tcp_waiting_list.
jedisct1
added a commit
to jedisct1/unbound
that referenced
this pull request
May 9, 2021
* nlnet/master: - Remove case fallthrough from deprecate-rsa-1024 code. - Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024. - Fix NLnetLabs#485: Unbound occasionally reports broken stats. - Rerun flex and bison. - Fix to squelch tcp socket bind failures when the interface is gone. - Add more logging for out-of-memory cases. - Fix for NLnetLabs#367: only attempt to get the interface for queries that are no longer on the tcp_waiting_list. Clearer template text since not everyone can reopen GitHub issues. Changelog note for NLnetLabs#478 - Merge NLnetLabs#478: Allow configuration of TCP timeout while waiting for response. Changelog note and improved comment. - Fix NLnetLabs#481: Fix comment in configuration file. doc/example.conf.in: Clarify comment for `auto-trust-anchor-file` - Add that log-servfail prints an IP address and more information about one of the last failures for that query. Allow configuration of TCP timeout while waiting for response Create issue templates - Fix compiler warning for signed/unsigned comparison for max_reuse_tcp_queries. - Fix NLnetLabs#474: always_null and others inside view.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the code contributed in issue #365 that is imported and then gets modified for insertion in to the code repository.
The code adds logging of the destination, or local, address to the dnstap logging.