Skip to content

Instantly share code, notes, and snippets.

@wwalker

wwalker/grep named messages

Last active May 4, 2020 00:37
Show Gist options
  • Save wwalker/dcc429b01ff4c55df6f7215b05cedbc0 to your computer and use it in GitHub Desktop.
Save wwalker/dcc429b01ff4c55df6f7215b05cedbc0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
grep named messages
cat a
May 3 20:22:54 mail named[3365]: 03-May-2020 20:22:54.127 general: info: received control channel command 'stop'
May 3 20:22:54 mail named[3365]: 03-May-2020 20:22:54.128 general: info: shutting down: flushing changes
May 3 20:22:54 mail named[3365]: 03-May-2020 20:22:54.128 general: notice: stopping command channel on 127.0.0.1#953
May 3 20:22:54 mail named[3365]: 03-May-2020 20:22:54.129 network: info: no longer listening on 127.0.0.1#53
May 3 20:22:54 mail named[3365]: 03-May-2020 20:22:54.129 network: info: no longer listening on 162.243.37.190#53
May 3 20:22:54 mail named[3365]: 03-May-2020 20:22:54.147 general: notice: exiting
May 3 20:22:54 mail named[6461]: starting BIND 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.2 (Extended Support Version) <id:7107deb>
May 3 20:22:54 mail named[6461]: running on Linux x86_64 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020
May 3 20:22:54 mail named[6461]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-python=/usr/bin/python' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--enable-filter-aaaa' '--enable-rrl' '--with-pic' '--disable-static' '--includedir=/usr/include/bind9' '--with-geoip' '--with-libidn' '--enable-openssl-hash' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib64/pkcs11/libsofthsm2.so' '--with-dlopen=yes' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-dlz-bdb=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--with-lmdb=no' '--with-atf=yes' '--enable-fixed-rrset' '--with-tuning=large' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' '--enable-full-report' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE'
May 3 20:22:54 mail named[6461]: running as: named -u named -c /etc/named.conf
May 3 20:22:54 mail named[6461]: compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-39)
May 3 20:22:54 mail named[6461]: compiled with OpenSSL version: OpenSSL 1.0.2k 26 Jan 2017
May 3 20:22:54 mail named[6461]: linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
May 3 20:22:54 mail named[6461]: compiled with libxml2 version: 2.9.1
May 3 20:22:54 mail named[6461]: linked to libxml2 version: 20901
May 3 20:22:54 mail named[6461]: compiled with zlib version: 1.2.7
May 3 20:22:54 mail named[6461]: linked to zlib version: 1.2.7
May 3 20:22:54 mail named[6461]: threads support is enabled
May 3 20:22:54 mail named[6461]: ----------------------------------------------------
May 3 20:22:54 mail named[6461]: BIND 9 is maintained by Internet Systems Consortium,
May 3 20:22:54 mail named[6461]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
May 3 20:22:54 mail named[6461]: corporation. Support and training for BIND 9 are
May 3 20:22:54 mail named[6461]: available at https://www.isc.org/support
May 3 20:22:54 mail named[6461]: ----------------------------------------------------
May 3 20:22:54 mail named[6461]: adjusted limit on open files from 4096 to 1048576
May 3 20:22:54 mail named[6461]: found 1 CPU, using 1 worker thread
May 3 20:22:54 mail named[6461]: using 1 UDP listener per interface
May 3 20:22:54 mail named[6461]: using up to 21000 sockets
May 3 20:22:54 mail named[6461]: loading configuration from '/etc/named.conf'
May 3 20:22:54 mail named[6461]: reading built-in trust anchors from file '/etc/named.root.key'
May 3 20:22:54 mail named[6461]: initializing GeoIP Country (IPv4) (type 1) DB
May 3 20:22:54 mail named[6461]: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
May 3 20:22:54 mail named[6461]: initializing GeoIP Country (IPv6) (type 12) DB
May 3 20:22:54 mail named[6461]: GEO-106FREE 20180605 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
May 3 20:22:54 mail named[6461]: GeoIP City (IPv4) (type 2) DB not available
May 3 20:22:54 mail named[6461]: GeoIP City (IPv4) (type 6) DB not available
May 3 20:22:54 mail named[6461]: GeoIP City (IPv6) (type 30) DB not available
May 3 20:22:54 mail named[6461]: GeoIP City (IPv6) (type 31) DB not available
May 3 20:22:54 mail named[6461]: GeoIP Region (type 3) DB not available
May 3 20:22:54 mail named[6461]: GeoIP Region (type 7) DB not available
May 3 20:22:54 mail named[6461]: GeoIP ISP (type 4) DB not available
May 3 20:22:54 mail named[6461]: GeoIP Org (type 5) DB not available
May 3 20:22:54 mail named[6461]: GeoIP AS (type 9) DB not available
May 3 20:22:54 mail named[6461]: GeoIP Domain (type 11) DB not available
May 3 20:22:54 mail named[6461]: GeoIP NetSpeed (type 10) DB not available
May 3 20:22:54 mail named[6461]: using default UDP/IPv4 port range: [32768, 60999]
May 3 20:22:54 mail named[6461]: using default UDP/IPv6 port range: [32768, 60999]
May 3 20:22:54 mail named[6461]: listening on IPv4 interface lo, 127.0.0.1#53
May 3 20:22:54 mail named[6461]: listening on IPv4 interface eth0, 162.243.37.190#53
May 3 20:22:54 mail named[6461]: generating session key for dynamic DNS
May 3 20:22:54 mail named[6461]: sizing zone task pool based on 8 zones
May 3 20:22:54 mail named[6461]: none:104: 'max-cache-size 90%' - setting to 438MB (out of 487MB)
May 3 20:22:54 mail named[6461]: set up managed keys zone for view _default, file '/var/named/dynamic/managed-keys.bind'
May 3 20:22:54 mail named[6461]: none:104: 'max-cache-size 90%' - setting to 438MB (out of 487MB)
May 3 20:22:54 mail named[6461]: configuring command channel from '/etc/rndc.key'
May 3 20:22:54 mail named[6461]: command channel listening on 127.0.0.1#953
May 3 20:22:54 mail named[6461]: configuring command channel from '/etc/rndc.key'
May 3 20:22:54 mail named[6461]: couldn't add command channel ::1#953: address not available
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.320 general: info: managed-keys-zone: journal file is out of date: removing journal file
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.320 general: info: managed-keys-zone: loaded serial 15
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.321 general: info: zone 0.in-addr.arpa/IN: loaded serial 0
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.321 general: info: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.321 general: info: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.322 general: info: zone n5red.com/IN: loaded serial 2020050302
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.322 general: warning: technoronin.com.txt:6: no TTL specified; using SOA MINTTL instead
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.322 general: info: zone technoronin.com/IN: loaded serial 2017082602
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.323 general: info: zone localhost.localdomain/IN: loaded serial 0
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.323 general: info: zone localhost/IN: loaded serial 0
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.346 general: notice: all zones loaded
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.346 general: notice: running
May 3 20:22:54 mail named[6461]: 03-May-2020 20:22:54.548 general: info: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Raw
messages excerpt
general: debug 1: zone n5red.com/IN: starting load
general: debug 1: zone n5red.com/IN: journal rollforward completed successfully: no journal
general: debug 1: zone n5red.com/IN: loaded; checking validity
general: debug 1: zone_settimer: zone n5red.com/IN: enter
general: info: zone n5red.com/IN: loaded serial 2020050302
general: debug 1: dns_zone_maintenance: zone n5red.com/IN: enter
general: debug 1: zone_settimer: zone n5red.com/IN: enter
general: debug 1: zone_timer: zone n5red.com/IN: enter
general: debug 1: zone_maintenance: zone n5red.com/IN: enter
general: debug 1: zone_settimer: zone n5red.com/IN: enter
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.321 general: debug 1: zone n5red.com/IN: starting load
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.322 general: debug 1: zone n5red.com/IN: journal rollforward completed successfully: no journal
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.322 general: debug 1: zone n5red.com/IN: loaded; checking validity
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.322 general: debug 1: zone_settimer: zone n5red.com/IN: enter
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.322 general: info: zone n5red.com/IN: loaded serial 2020050302
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.346 general: debug 1: dns_zone_maintenance: zone n5red.com/IN: enter
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.346 general: debug 1: zone_settimer: zone n5red.com/IN: enter
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.352 general: debug 1: zone_timer: zone n5red.com/IN: enter
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.352 general: debug 1: zone_maintenance: zone n5red.com/IN: enter
May 03 20:22:54 mail.n5red.com named[6461]: 03-May-2020 20:22:54.352 general: debug 1: zone_settimer: zone n5red.com/IN: enter
Raw
n5red.com.txt
# mail.n5red.com it the registered DNS server for n5red.com
$TTL 300
@ IN SOA mail.n5red.com. root.technoronin.com. (
2020050302 ; serial
12h ; refresh
15m ; retry
2w ; expiry
1m ; nxdomain ttl
);
;
; NS RRs
;
@ NS titania.technoronin.com.
@ NS mail.n5red.com.
;
; A RRs
;
mail A 162.243.37.190
n5red.com. A 162.243.37.190
master A 162.243.37.190
new A 165.227.104.29
;
; MX RRs
;
n5red.com. MX 10 mail
Raw
named.conf
options {
listen-on port 53 { 162.243.37.190; 127.0.0.1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { localhost; };
recursion no;
dnssec-enable yes;
dnssec-validation auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.root.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
print-time yes;
print-category yes;
print-severity yes;
file "named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.conf.local";
include "/etc/named.root.key";
Raw
named.conf.local
zone "technoronin.com" IN {
type master;
file "technoronin.com.txt";
notify no;
};
zone "n5red.com" IN {
type master;
file "n5red.com.txt";
notify no;
};
Raw
other logs
Nothing intersting, mostly just logs of "refused" and "denied"
root@mail:/var/named/log ✓ # ls -l
total 3312
-rw-r--r-- 1 root root 7906 2020-05-03T20:32:17.776000000 a
-rw-r--r-- 1 named named 8865 2020-05-03T20:22:54.547000000 auth_servers
-rw-r--r-- 1 named named 962517 2020-05-03T20:36:15.764000000 client_security
-rw-r--r-- 1 named named 0 2020-05-03T20:05:05.959000000 ddns
-rw-r--r-- 1 named named 39856 2020-05-03T20:23:23.560000000 default
-rw-r--r-- 1 named named 0 2020-05-03T20:05:05.959000000 dnssec
-rw-r--r-- 1 named named 0 2020-05-03T20:05:05.959000000 dnstap
-rw-r--r-- 1 named named 1051957 2020-05-03T20:36:15.764000000 queries
-rw-r--r-- 1 named named 1298038 2020-05-03T20:36:15.764000000 query-errors
-rw-r--r-- 1 named named 3716 2020-05-03T20:22:54.143000000 rate_limiting
-rw-r--r-- 1 named named 0 2020-05-03T20:05:05.959000000 rpz
-rw-r--r-- 1 named named 0 2020-05-03T20:05:05.959000000 zone_transfers
Raw
technoronin.com.txt
$TTL 300
@ IN SOA mail.n5red.com. matt.technoronin.com. (
2017082602 ; serial
12h ; refresh
15m ; retry
2w ; expiry
1m ; nxdomain ttl
);
technoronin.com. A 142.4.212.32
titania A 142.4.212.32
@ NS titania.technoronin.com.
@ NS mail.n5red.com.
technoronin.com. MX 10 titania
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment