[Dnsmasq-discuss] log-queries and NXDOMAINS
Simon Kelley
simon at thekelleys.org.uk
Thu Mar 30 17:49:37 UTC 2023
On 26/03/2023 14:34, Ercolino de Spiacico wrote:
> In the context of adblock/domain-filtering I was trying to find a way to
> log all the blocked queries only. We currently use a custom config
> formatted like:
>
> local=baddomain.com/
>
> which returns NXDOMAIN. The issue is that if we enable "log-queries"
> this is literally flooding the syslog. Beside this the messages appears
> to be logged as info.
>
>
> I'm aware that we can redirect the dnsmasq logs to a different file but
> for the embedded devices we're discussing here (FreshTomato) you do want
> the main dnsmasq to hit the default syslog facility. Also performing a
> grep-in for NXDOMAIN onto a new file is surely a possibility but rather
> intensive for this type of devices, especially if this needs to be
> performed periodically.
>
>
> So in a nutshell, would it be possible to:
>
> A- use 'debug' (or allow custom level number) for the logs generated by
> log-queries
That would be simple. Something like
--log-queries=<level>
would work. All the query logging goes through three calls to syslog.
>
> B- allow to limit log-queries to certain results only e.g. log only if
> the result is: NXDOMAIN/0.0.0.0/else-the-user-might-want
Sound like a can of worms. Which ones, exactly? What happens when
someone else wants a different subset to solve their logging problem?
>
> C - Allow the --log-facility to be split by loglevel or message type e.g.:
> [0-6] > /var/log/messages
> 7 > /var/log/dnssmasq.debug
That sounds like a job for rsyslogd.
Simon.
>
>
>
> Thanks.
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list