dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity

roles/named: Support logging queries to syslog

Browse Source 
This commit adds two new variables to the *named* role:
`named_queries_syslog` and `named_rpz_syslog`.  These variables control
whether BIND will send query and RPZ log messages to the local syslog
daemon, respectively.
This commit is contained in:
Dustin
2020-09-04 20:56:12 -05:00
parent 84313601ef
commit f536c9633e
3 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
roles/named/templates/named.conf.j2
View File

@@ -77,6 +77,24 @@ logging {
file "data/named.run";
severity dynamic;
};
{% if named_queries_syslog %}
channel queries_syslog {
syslog daemon;
severity info;
};
{% endif %}
{% if named_rpz_syslog %}
channel rpz_syslog {
syslog daemon;
severity info;
};
{% endif %}
{% if named_queries_syslog %}
category queries { queries_syslog; };
{% endif %}
{% if named_rpz_syslog %}
category rpz { rpz_syslog; };
{% endif %}
};
zone "." IN {