Simon, I see that you are back and wanted to bring this up again. We are using DNSMasq within AWS to perform DNS whitelisting and I noticed that there is no log line produced when a domain is NOT configured to be forwarded. I think this patch should take care of it and would love to have it considered.
Justin

On Wed, Jul 19, 2017 at 3:57 PM, Justin Grudzien <jgrudz...@journera.com> wrote:

> I made a small mistake in the patch. Here is the fix!
>
> Justin
>
> On Wed, Jul 19, 2017 at 3:32 PM, Justin Grudzien <jgrudz...@journera.com> wrote:
>
>> I made a small update to the patch where it adds the IP address in the
>> log message. This will identify the server making the request for the
>> domain that is not configured to forward.
>>
>> Justin
>>
>> On Mon, Jul 17, 2017 at 1:44 PM, Justin Grudzien <jgrudz...@journera.com> wrote:
>>
>>> We are running DNSMasq to whitelist domains within AWS. We wanted all
>>> domains not in the whitelist to produce a log line to be forwarded to our
>>> SIEM. Our goal is to detect people attempting DNS attacks against us. Here
>>> is a patch that produces a simple log line if a forwarding is not
>>> attempted.
>>>
>>> I would love this to be added to the main codebase. It is a simple
>>> change and will allow others to track non-whitelisted domains.
>>>
>>> Justin

Attachment: add-logging-for-non-forwarded-domains.patch (binary data)