On 26/03/2023 14:34, Ercolino de Spiacico wrote:
In the context of adblock/domain-filtering I was trying to find a way to
log all the blocked queries only. We currently use a custom config
formatted like:
local=baddomain.com/
which returns NXDOMAIN. The issue is that if we enable "log-queries"
this is literally flooding the syslog. Beside this the messages appears
to be logged as info.
I'm aware that we can redirect the dnsmasq logs to a different file but
for the embedded devices we're discussing here (FreshTomato) you do want
the main dnsmasq to hit the default syslog facility. Also performing a
grep-in for NXDOMAIN onto a new file is surely a possibility but rather
intensive for this type of devices, especially if this needs to be
performed periodically.
So in a nutshell, would it be possible to:
A- use 'debug' (or allow custom level number) for the logs generated by
log-queries
That would be simple. Something like
--log-queries=<level>
would work. All the query logging goes through three calls to syslog.
B- allow to limit log-queries to certain results only e.g. log only if
the result is: NXDOMAIN/0.0.0.0/else-the-user-might-want
Sound like a can of worms. Which ones, exactly? What happens when
someone else wants a different subset to solve their logging problem?
C - Allow the --log-facility to be split by loglevel or message type e.g.:
[0-6] > /var/log/messages
7 > /var/log/dnssmasq.debug
That sounds like a job for rsyslogd.
Simon.
Thanks.
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
