-
-
Notifications
You must be signed in to change notification settings - Fork 347
-
-
Notifications
You must be signed in to change notification settings - Fork 347
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FR] distinguish Do53, DoT and DoH in the logs #969
Comments
while "my" use-case would be solved by logging a destination port, other users may see benefits if the destination address is logged. It may make sense to log both if an new option |
It would also be useful to log the protocol (TCP/UDP). |
I have found by mistake unbound supports also DTLS on port 853, not necessary reserved for DoQ. Socket stream/datagram indication should be present, but I think indication of protocol used to receive query would be the best. You can still configure to accept DoT on port 443, at least dnssec-trigger uses that. |
The option The fix adds this type of output to the log replies: |
Hello Wouter, looks like the commit didn't found a way into release 1.19.1. Was this intentional? |
The 1.19.1 release is a security release, and contains the security fixes only. The code is there waiting for a next release, in the code repository. |
the Problem is discussed in the list archive: https://lists.nlnetlabs.nl/pipermail/unbound-users/2023-November/008188.html
Yorgos suggested to open a FR ticket here. I like his idea to simply log the destination port and
suggest to append that information to the current log. for example here:
unbound/util/data/msgreply.c
Line 919 in 15a9b0f
The text was updated successfully, but these errors were encountered: