Logging source port and Query-ID
Daisuke HIGASHI
daisuke.higashi at gmail.com
Sat Sep 17 09:19:59 UTC 2016
Dnstap frame stream also contains source port and whole DNS
message including query id.
$ dnstap-ldns -y -r /tmp/dnstap.out
type: MESSAGE
identity: "dns01"
version: "unbound 1.5.9"
message:
type: CLIENT_QUERY
query_time: !!timestamp 2016-09-17 07:45:35.903922
socket_family: INET6
socket_protocol: UDP
query_address: ::1
query_port: 49332
query_message: |
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 59383
;; flags: rd ad ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; EDNS: version 0; flags: ; udp: 4096
Unbound's dnstap feature works well (you will need to
install some not-so-common libraries to build!) but it is not well
documented, for example not described in unbound.conf(5).
Still experimental feature?
--
Daisuke Higashi
More information about the Unbound-users
mailing list