[Dnsmasq-discuss] logging dns queries

Frederick C. Damen fred at damen.org
Mon Mar 21 17:38:03 GMT 2011 

To put a user perspective on the information gleaned from the log is
a) what dnsmasq is supposed to do or is having trouble doing I would 
like to see in the main log where I look to make sure everything is 
working properly.  If it aint in there its working as expected.
b) What dnsmasq is doing I would like to be able to log but due to the 
volume it causes the log entries of the previous type to get lost in the 
forest.
So the man page should give me the information that allows me to 
separate 'b' from 'a'.

 From staring at the log file I have deduced that an syslog::ident of 
'dnsmasq-dhcp' is used when logging dhcp request/ack messages. Is this 
the only time that this syslog::ident is used, i.e. if dnsmasq burped on 
a dhcp config statement would 'dnsmasq-dhcp' be used?  Was another way 
setup for segregating the two classes of log messages, i.e. LOG_LEVEL 
for 'a' is above LOG_INFO and 'b' is LOG_INFO?

Hope this helps,

Fred


On 03/21/2011 10:47 AM, Carlos Carvalho wrote:
> Simon Kelley (simon at thekelleys.org.uk) wrote on 21 March 2011 13:58:
>   >Carlos Carvalho wrote:
>   >>  Frederick C. Damen (fred at damen.org) wrote on 18 March 2011 22:10:
>   >>
>   >>   >On 03/18/2011 08:51 PM, Carlos Carvalho wrote:
>   >>   >>  Frederick C. Damen (fred at damen.org) wrote on 18 March 2011 18:10:
>   >>   >>    >     From reading this thread I would agree with both sides, syslog in
>   >>   >>    >dnsmasq is not fully documented
>   >>   >>
>   >>   >>  It is. It clearly says logs will go to either syslog or to a file.
>   >>   >It maybe clearly documented for your purposes, but as I stated for my
>   >>   >purposes I would like to know more information than what is stated in
>   >>   >the documentation.  What is the LOG_LEVEL of the dns/dhcp transactions?
>   >>
>   >>  Right... It uses LOG_INFO. And tftp is sent to facility LOG_USER, not
>   >>  daemon. Simon, how about including the changes below in 2.58?
>   >>
>   >>  --- dnsmasq.8~	2011-03-16 10:20:02.000000000 -0300
>   >>  +++ dnsmasq.8	2011-03-19 20:11:24.100487334 -0300
>   >>  @@ -83,7 +83,8 @@
>   >>   to handle TCP queries.
>   >>   .TP
>   >>   .B \-q, --log-queries
>   >>  -Log the results of DNS queries handled by dnsmasq. Enable a full cache dump on receipt of SIGUSR1.
>   >>  +Log the results of DNS queries handled by dnsmasq. Enable a full cache dump on
>   >>  +receipt of SIGUSR1. Logging is done at level LOG_INFO when syslog is used.
>   >>   .TP
>   >>   .B \-8, --log-facility=<facility>
>   >>   Set the facility to which dnsmasq will send syslog entries, this
>   >>  @@ -959,7 +960,7 @@
>   >>   .TP
>   >>   .B --log-dhcp
>   >>   Extra logging for DHCP: log all the options sent to DHCP clients and
>   >>  -the tags used to determine them.
>   >>  +the tags used to determine them. Logging is done at level LOG_INFO when syslog is used.
>   >>   .TP
>   >>   .B \-l, --dhcp-leasefile=<path>
>   >>   Use the specified file to store DHCP lease information.
>   >>  @@ -1118,7 +1119,8 @@
>   >>   Enable the TFTP server function. This is deliberately limited to that
>   >>   needed to net-boot a client. Only reading is allowed; the tsize and
>   >>   blksize extensions are supported (tsize is only supported in octet
>   >>  -mode). See NOTES section for use of the interface argument.
>   >>  +mode). See NOTES section for use of the interface argument. Logging is done
>   >>  +with facility LOG_USER when syslog is used.
>   >>
>   >>   .TP
>   >>   .B --tftp-root=<directory>[,<interface>]
>   >>
>   >
>   >This isn't quite accurate. The log _level_ varies depending on the
>   >message: Most are LOG_INFO, but there are LOG_WARNING and LOG_ERR
>   >messages too.
>
> Yes, but these happen only when there are problems, no? Those produced
> specifically by log-queries and log-dhcp are just LOG_INFO. That's why
> I suggest putting the explanation in the entry for these options.
>
>   >The facility is normally LOG_DAEMON, but it can be set with
>   >--log-facilty flag, and changes to LOG_LOCAL0 when debug (--no-daemon)
>   >mode is set.
>
> Yes, as explained in the man page. However in the specific case of
> tftp it does my_syslog(MS_TFTP | LOG_... so they should only go to
> LOG_DAEMON.
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

More information about the Dnsmasq-discuss mailing list