BIND сильно гадит в named.log

[koklushkin]

Настроенный шлюз FreeBSD 8.1
Проблема в том что bind сильно засоряет named.log , до нескольких мегабайт одним и тем же!

named.log

Код: Выделить всё

Sep  6 20:04:42 GATEWAY named[909]: starting BIND 9.6.2-P2 -t /var/named -u bind
Sep  6 20:04:42 GATEWAY named[909]: built with '--prefix=/usr' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--enable-threads' '--disable-ipv6' '--e
Sep  6 20:04:42 GATEWAY named[909]: found 1 CPU, using 1 worker thread
Sep  6 20:04:42 GATEWAY named[909]: using up to 4096 sockets
Sep  6 20:04:42 GATEWAY named[909]: loading configuration from '/etc/namedb/named.conf'
Sep  6 20:04:42 GATEWAY named[909]: using default UDP/IPv4 port range: [49152, 65535]
Sep  6 20:04:42 GATEWAY named[909]: using default UDP/IPv6 port range: [49152, 65535]
Sep  6 20:04:42 GATEWAY named[909]: listening on IPv4 interface rl0, 10.48.245.254#53
Sep  6 20:04:42 GATEWAY named[909]: listening on IPv4 interface lo0, 127.0.0.1#53
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 0.IN-ADDR.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 254.169.IN-ADDR.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: D.F.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 8.E.F.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: 9.E.F.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: A.E.F.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: automatic empty zone: B.E.F.IP6.ARPA
Sep  6 20:04:42 GATEWAY named[909]: command channel listening on 127.0.0.1#953
Sep  6 20:04:42 GATEWAY named[909]: command channel listening on ::1#953
Sep  6 20:04:42 GATEWAY named[909]: zone 127.in-addr.arpa/IN: loaded serial 42
Sep  6 20:04:42 GATEWAY named[909]: zone 255.in-addr.arpa/IN: loaded serial 42
Sep  6 20:04:42 GATEWAY named[909]: zone GATEWAY.proxy.local/IN: loaded serial 2006121002
Sep  6 20:04:42 GATEWAY named[909]: zone localhost/IN: loaded serial 42
Sep  6 20:04:42 GATEWAY named[909]: running
Sep  6 20:04:42 GATEWAY named[909]: zone GATEWAY.proxy.local/IN: sending notifies (serial 2006121002)
Sep  6 20:05:28 GATEWAY named[909]: client 127.0.0.1#28328: RFC 1918 response from Internet for 200.245.48.10.in-addr.arpa
Sep  6 20:05:28 GATEWAY named[909]: client 127.0.0.1#36235: RFC 1918 response from Internet for 200.245.48.10.in-addr.arpa
Sep  6 23:59:21 GATEWAY named[909]: success resolving 'mrim.mail.ru/A' (in 'mail.ru'?) after disabling EDNS
Sep  6 23:59:26 GATEWAY named[909]: success resolving 'login.icq.com/A' (in 'icq.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 03:01:02 GATEWAY named[909]: client 127.0.0.1#22755: RFC 1918 response from Internet for 254.245.48.10.in-addr.arpa
Sep  7 03:01:03 GATEWAY named[909]: client 127.0.0.1#32380: RFC 1918 response from Internet for 254.245.48.10.in-addr.arpa
Sep  7 03:01:03 GATEWAY named[909]: client 127.0.0.1#63661: RFC 1918 response from Internet for 254.245.48.10.in-addr.arpa
Sep  7 03:01:39 GATEWAY named[909]: client 127.0.0.1#12481: RFC 1918 response from Internet for 254.245.48.10.in-addr.arpa
Sep  7 09:07:03 GATEWAY named[909]: success resolving 'mail.de-langhe.be/A' (in 'de-langhe.be'?) after reducing the advertised EDNS UDP packet size to 512 oc
Sep  7 09:07:03 GATEWAY named[909]: success resolving 'ns3.skynet.be/A' (in 'skynet.be'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'smtp-in.mail-filters.com/A' (in 'mail-filters.com'?) after reducing the advertised EDNS UDP packet siz
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'mail.aclcargo.com/A' (in 'aclcargo.com'?) after reducing the advertised EDNS UDP packet size to 512 oc
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'ns3.netsol.com/AAAA' (in 'netsol.com'?) after reducing the advertised EDNS UDP packet size to 512 octe
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'spam03.affinitypath.com/A' (in 'affinitypath.com'?) after reducing the advertised EDNS UDP packet size
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'DNS2.state.co.us/AAAA' (in 'state.co.us'?) after reducing the advertised EDNS UDP packet size to 512 o
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'dbru.br.ns.els-gms.att.net/AAAA' (in 'ns.els-gms.att.net'?) after reducing the advertised EDNS UDP pac
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'mail2.acspacific.com/A' (in 'acspacific.com'?) after reducing the advertised EDNS UDP packet size to 5
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'dns1.globenet.com.ph/A' (in 'globenet.com.ph'?) after reducing the advertised EDNS UDP packet size to
Sep  7 09:07:04 GATEWAY named[909]: success resolving 'dns1.globenet.com.ph/AAAA' (in 'globenet.com.ph'?) after reducing the advertised EDNS UDP packet size
Sep  7 09:07:16 GATEWAY named[909]: success resolving 'ns.numeric.be/A' (in 'numeric.be'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:07:16 GATEWAY named[909]: success resolving 'ns2.dns-diy.net/A' (in 'dns-diy.net'?) after reducing the advertised EDNS UDP packet size to 512 octet
Sep  7 09:07:16 GATEWAY named[909]: client 127.0.0.1#53787: RFC 1918 response from Internet for 200.245.48.10.in-addr.arpa
Sep  7 09:07:17 GATEWAY named[909]: client 127.0.0.1#44407: RFC 1918 response from Internet for 200.245.48.10.in-addr.arpa
Sep  7 09:07:19 GATEWAY named[909]: success resolving 'ccponline.com/MX' (in 'ccponline.com'?) after reducing the advertised EDNS UDP packet size to 512 octe
Sep  7 09:07:22 GATEWAY named[909]: success resolving 'sentinel.comair.co.za/A' (in 'comair.co.za'?) after reducing the advertised EDNS UDP packet size to 51
Sep  7 09:07:25 GATEWAY named[909]: success resolving 'dns036.c.register.com/A' (in 'register.com'?) after reducing the advertised EDNS UDP packet size to 51
Sep  7 09:07:27 GATEWAY named[909]: success resolving 'dns036.c.register.com/AAAA' (in 'register.com'?) after reducing the advertised EDNS UDP packet size to
Sep  7 09:07:27 GATEWAY named[909]: success resolving 'dns082.b.register.com/AAAA' (in 'register.com'?) after reducing the advertised EDNS UDP packet size to
Sep  7 09:07:30 GATEWAY named[909]: success resolving 'mail.drinksite.com/A' (in 'drinksite.com'?) after reducing the advertised EDNS UDP packet size to 512
Sep  7 09:07:31 GATEWAY named[909]: success resolving 'ns1.theplanet.com/AAAA' (in 'theplanet.com'?) after reducing the advertised EDNS UDP packet size to 51
Sep  7 09:07:31 GATEWAY named[909]: success resolving 'ns1.theplanet.com/A' (in 'theplanet.com'?) after reducing the advertised EDNS UDP packet size to 512 o
Sep  7 09:07:31 GATEWAY named[909]: success resolving 'ns2.theplanet.com/A' (in 'theplanet.com'?) after reducing the advertised EDNS UDP packet size to 512 o
Sep  7 09:07:31 GATEWAY named[909]: success resolving 'mail.dynatouch.com/A' (in 'dynatouch.com'?) after reducing the advertised EDNS UDP packet size to 512
Sep  7 09:07:31 GATEWAY named[909]: success resolving 'mex2.voz.ru/A' (in 'voz.ru'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:07:32 GATEWAY named[909]: success resolving 'grdns-de.denic.de/A' (in 'denic.de'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:07:32 GATEWAY named[909]: success resolving 'grdns-de.denic.de/AAAA' (in 'denic.de'?) after reducing the advertised EDNS UDP packet size to 512 oct
Sep  7 09:07:32 GATEWAY named[909]: success resolving 'djkenghi.be/MX' (in 'djkenghi.be'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:07:33 GATEWAY named[909]: success resolving 'ns2.theplanet.com/AAAA' (in 'theplanet.com'?) after disabling EDNS
Sep  7 09:07:34 GATEWAY named[909]: client 10.48.245.92#54750: RFC 1918 response from Internet for 92.245.48.10.in-addr.arpa
Sep  7 09:07:46 GATEWAY named[909]: success resolving 'mail.gospikes.com/A' (in 'gospikes.com'?) after reducing the advertised EDNS UDP packet size to 512 oc
Sep  7 09:07:48 GATEWAY named[909]: success resolving 'mailgtw.hdpu.edu.cn/A' (in 'hdpu.edu.cn'?) after reducing the advertised EDNS UDP packet size to 512 o
Sep  7 09:07:49 GATEWAY named[909]: success resolving 'NS02.NRSOFTWARE.COM/A' (in 'NRSOFTWARE.com'?) after reducing the advertised EDNS UDP packet size to 51
Sep  7 09:07:52 GATEWAY named[909]: success resolving 'mercurio.imfegranada.es/A' (in 'imfegranada.es'?) after reducing the advertised EDNS UDP packet size t
Sep  7 09:07:52 GATEWAY named[909]: success resolving 'ms1.ikonet.co.jp/A' (in 'ikonet.co.jp'?) after reducing the advertised EDNS UDP packet size to 512 oct
Sep  7 09:07:53 GATEWAY named[909]: success resolving 'ns1.easydns.com/A' (in 'easydns.com'?) after reducing the advertised EDNS UDP packet size to 512 octet
Sep  7 09:07:53 GATEWAY named[909]: success resolving 'ns2.easydns.com/A' (in 'easydns.com'?) after reducing the advertised EDNS UDP packet size to 512 octet
Sep  7 09:07:53 GATEWAY named[909]: success resolving 'ns2.easydns.com/AAAA' (in 'easydns.com'?) after reducing the advertised EDNS UDP packet size to 512 oc
Sep  7 09:07:53 GATEWAY named[909]: success resolving 'remote1.easydns.com/AAAA' (in 'easydns.com'?) after reducing the advertised EDNS UDP packet size to 51
Sep  7 09:07:55 GATEWAY named[909]: success resolving 'remote1.easydns.com/A' (in 'easydns.com'?) after reducing the advertised EDNS UDP packet size to 512 o
Sep  7 09:08:02 GATEWAY named[909]: success resolving 'r-smtp5.korea.com/A' (in 'korea.com'?) after reducing the advertised EDNS UDP packet size to 512 octet
Sep  7 09:08:04 GATEWAY named[909]: success resolving 'mail.lardysplace.com/A' (in 'lardysplace.com'?) after reducing the advertised EDNS UDP packet size to
Sep  7 09:08:04 GATEWAY named[909]: success resolving 'www.segodnya.ua/A' (in 'segodnya.ua'?) after reducing the advertised EDNS UDP packet size to 512 octet
Sep  7 09:08:11 GATEWAY named[909]: success resolving 'mail.martech-reports.com/A' (in 'martech-reports.com'?) after reducing the advertised EDNS UDP packet
Sep  7 09:08:19 GATEWAY named[909]: success resolving 'smtp.nate.com/A' (in 'nate.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:08:24 GATEWAY named[909]: success resolving 'n6c.akamaiedge.net/A' (in 'akamaiedge.net'?) after reducing the advertised EDNS UDP packet size to 512
Sep  7 09:08:24 GATEWAY named[909]: success resolving 'n6c.akamaiedge.net/AAAA' (in 'akamaiedge.net'?) after reducing the advertised EDNS UDP packet size to
Sep  7 09:08:24 GATEWAY named[909]: success resolving 'northstate.net/MX' (in 'northstate.net'?) after reducing the advertised EDNS UDP packet size to 512 oc
Sep  7 09:08:24 GATEWAY named[909]: success resolving 'dns1.newport.ac.uk/A' (in 'uk'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:08:25 GATEWAY named[909]: success resolving 'dns0.newport.ac.uk/A' (in 'uk'?) after reducing the advertised EDNS UDP packet size to 512 octets
Sep  7 09:08:25 GATEWAY named[909]: success resolving 'njfilmsinc.com/MX' (in 'njfilmsinc.com'?) after reducing the advertised EDNS UDP packet size to 512 oc
Sep  7 09:08:26 GATEWAY named[909]: success resolving 'dns1.newport.ac.uk/AAAA' (in 'ac.uk'?) after reducing the advertised EDNS UDP packet size to 512 octet

named.conf

Код: Выделить всё

options {
        // All file and path names are relative to the chroot directory,
        // if any, and should be fully qualified.
        directory       "/etc/namedb/working";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";

        listen-on       { 127.0.0.1; 10.48.245.254; };
        listen-on-v6    { none; };
        allow-recursion { 127.0.0.1; 10.48.245.254;  10.0.0.0/8; };
        allow-query     { 10.0.0.0/8; 10.48.245.254; 127.0.0.1; };
        allow-update    {none;};
        forwarders      {192.168.20.1;};

        };

logging {
        category lame-servers { null; };
        };

zone "." { type hint; file "/etc/namedb/named.root"; };
zone "localhost"           { type master; file "/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa"    { type master; file "/etc/namedb/master/localhost-reverse.db"; };
zone "GATEWAY.proxy.local" { type master; file "/etc/namedb/master/GATEWAY.proxy.local"; };
zone "255.in-addr.arpa"    { type master; file "/etc/namedb/master/empty.db"; };

GATEWAY.proxy.local

Код: Выделить всё

$TTL    3600
@       IN      SOA     ns.GATEWAY.proxy.local. mufanu.yandex.ru (
                                2006121002;     Serial
                                1d;             Refresh
                                2h;             Retry
                                1000h;          Expire
                                2d;             Minimum
                                )
                IN      NS      GATEWAY.proxy.local.

localhost                  IN      A       127.0.0.1
GATEWAY.proxy.local.       IN      A       10.48.245.254
ns                         IN      A       10.48.245.254
jabber                     IN      A       10.48.245.254
www                        IN      CNAME   GATEWAY.proxy.local.

Собственно прошу вашей помощи как избавиться,.....отключение named.log не приемлемо

[Хостинг HostFood.ru]

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

[Гость]

лог на то и лог что бы туда писать
вообще вы странный
или отключайте лог или настройте ротеит логов

казнить нельзя помиловать

выберите и поставте правильно запятую

[koklushkin]

сюда за помощью я и пришел, что бы узнать как отключить логи "success resolving" , google ничего не сказал (

[Гость]

а что тогда должно влоге писать если не будет писать саксессфул?

[Shuriks]

Если ротация логов отсутствует, то логи в любом случае достигнут нескольких мегабайт и без success resolving :-). Если ротация присутствует, то попробуй поиграться с уровнями логирования в syslog.conf. Начни с уровня info, если не поможет пробуй notice. В крайнем случае подойдет warning, поднимать уровень дальше не стоит. А подробнее: man syslogd, man syslog.conf.
P.S. А что должно значить "category lame-servers { null; }" в секции logging? Не стоит ли это убрать?

[vl]

пишите edns-disabled в отдельный файл:

Код: Выделить всё

logging {
    channel edns-disabled {
      file "/var/log/edns-disabled.log" versions 1 size 500K;
      severity info;
      print-category yes;
      print-severity yes;
      print-time yes;
    };
    category edns-disabled { edns-disabled; };
}

size выбирать по вкусу