[ previous ] [ next ] [ threads ]
 
 From:  Pierre Nast <pierre at coldev dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] dnsmasq to syslog
 Date:  Sun, 20 Oct 2013 23:20:21 +0200
> On 02/04/2013 01:05 PM, Francisco Artes wrote:
>> Due to some testing I am doing, I would like to log all DNS queries 
>> made to
>> dnsmasq.  Is there a configuration file I can edit via exec.php to 
>> set dnsmasq
>> to put standard error and out to syslog vs. what I think is either 
>> set to
>> null or console?  Thanks!
>
> Create a firewall rule under LAN to allow access to the Gateway IP on 
> port 53, and log it.  Put it at the top.  Instant log to syslog of who 
> is polling DNS.  If you need to log what they are asking, that is 
> different.
>
>             Lee
>
>
Hi all,

As I was working on a DNS setup, I had the same question.
I found another way of doing things than the above.
I downloaded /etc/inc/services.inc from my m0n0wall box (using the 
exec.php page).
I changed the way dnsmasq is started in the function 
services_dnsmasq_configure() by adding the -q option that I found in the 
dnsmasq man page :

*-q, --log-queries*
    Log the results of DNS queries handled by dnsmasq. Enable a full
    cache dump on receipt of SIGUSR1. 

I uploaded back the edited file on the m0n0wall box, and moved it from 
/tmp to /etc/inc like it is written in the m0n0wall developer handbook 
(see http://doc.m0n0.ch/dev/faq.html#id11623234).
I toggled one of the options in the "Services > DNS forwarder" page and 
then applied changes in order to trigger a reload of the service. Now, 
all the DNS queries received by dnsmasq are showing in the "Diagnostics 
 > Logs" page, under the "System" tab.

-- 
Pierre