[OPENDNSSEC-167] Log message about notify from a non-trusted source - OpenDNSSEC

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.4.0b2
Component/s: Signer
Labels:
- signer_engine

Description

It would be nice to see if there is coming a notify from a source that is not included in the ACL. You now only see this in verbose mode:

Nov 29 15:53:04 ubuntu named[30052]: received control channel command 'reload bellgrim.se'
Nov 29 15:53:04 ubuntu named[30052]: zone bellgrim.se/IN: loaded serial 2011032124
Nov 29 15:53:04 ubuntu named[30052]: zone bellgrim.se/IN: sending notifies (serial 2011032124)
Nov 29 15:53:04 ubuntu ods-signerd: [socket] incoming udp message
Nov 29 15:53:04 ubuntu ods-signerd: [query] tsig ok
Nov 29 15:53:04 ubuntu ods-signerd: [query] incoming notify for zone bellgrim.se
Nov 29 15:53:04 ubuntu ods-signerd: [acl] no match
Nov 29 15:53:04 ubuntu ods-signerd: [query] refused
Nov 29 15:53:04 ubuntu ods-signerd: [socket] sending 165 bytes over udp
Nov 29 15:53:04 ubuntu ods-signerd: [dnshandler] netio dispatch

If you are running in normal mode, there would be nothing about this in the logs.

Attachments

Activity

People

Assignee:: Matthijs Mekking

Reporter:: Rickard Bellgrim

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 2011-11-29 15:57

Updated:: 2011-11-29 16:04

Resolved:: 2011-11-29 16:04