[Dnsmasq-discuss] [PATCH] log requests that aren't configured to be forwarded
Justin Grudzien
jgrudzien at journera.com
Mon Jul 17 19:44:42 BST 2017
We are running DNSMasq to whitelist domains within AWS. We wanted all
domains not in the whitelist to produce a log line to be forwarded to our
SIEM. Our goal is to detect people attempting DNS attacks against us. Here
is a patch that produces a simple log line if a forwarding is not
attempted.
I would love this to be added to the main codebase. It is a simple change
and will allow others to track non-whitelisted domains.
Justin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20170717/4b52f4ff/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: add-logging-for-non-forwarded-domains.patch
Type: application/octet-stream
Size: 1424 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20170717/4b52f4ff/attachment-0001.obj>
More information about the Dnsmasq-discuss
mailing list