Submit a issue at https://gitlab.isc.org/
> On 28 Oct 2021, at 01:00, Tom <li...@verreckte-cheib.ch> wrote: > > Hi > > Using BIND-9.16.21. I'm wondering, if it's possible to have the ECS client IP > address in the RPZ log. > In front of our BIND, which has an RPZ configuration, is a dnsdist, which > inject the ECS-IP. > > BIND could log the ECS-IP with the builtin "querylog" (rndc querylog on). In > the following example, the effective client-IP is 172.16.16.33/32, which is > logged fine here: > 27-Oct-2021 15:41:27.940 queries: info: client @0x7f3db81aa0f8 > 127.0.0.1#44353 (example.ch): query: example.ch IN A +E(0)K (127.0.0.1) [ECS > 172.16.16.33/32/0] > > > But in the RPZ log, I can correctly see only the dnsdist IP and not the one > from the effective source (172.16.16.33): > 27-Oct-2021 15:41:27.940 rpz: info: client @0x7f3db81aa0f8 127.0.0.1#44353 > (example.ch): rpz QNAME NXDOMAIN rewrite example.ch/A/IN via > example.ch.blacklist-rpz.test.local > > Is there a way to have/see the ECS-IP in the RPZ log? > > Many thanks. > Kind regards, > Tom > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
