gthess
commented
1 month ago Thanks! It seems the wrong value was printed indeed. Now it will print the first client's address if any. I say first because maybe more than one are waiting for an answer.
Closed anxstj closed 1 month ago
gthess
commented
1 month ago Thanks! It seems the wrong value was printed indeed. Now it will print the first client's address if any. I say first because maybe more than one are waiting for an answer.
Describe the bug
If
ratelimit-below-domain: in-addr.arpa 2is configured then unbound will log the following:It seems that the from address is referring to the server that sent the last reply and not to the client that was doing the request.
To reproduce Steps to reproduce the behavior:
systemctl restart unboundExpected behavior I would expect that the IP address of the client that is doing the request is logged. In this case:
System:
unbound -Voutput:Configure line: --build=x86_64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=${prefix}/lib/x86_64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking --with-pythonmodule --with-pyunbound --enable-subnet --enable-dnstap --enable-systemd --enable-cachedb --with-libhiredis --with-libnghttp2 --with-chroot-dir= --with-dnstap-socket-path=/run/dnstap.sock --disable-rpath --with-pidfile=/run/unbound.pid --with-libevent --enable-tfo-client --with-rootkey-file=/usr/share/dns/root.key --enable-tfo-server Linked libs: libevent 2.1.12-stable (it uses epoll), OpenSSL 3.2.2 4 Jun 2024 Linked modules: dns64 python cachedb subnetcache respip validator iterator TCP Fastopen feature available
BSD licensed, see LICENSE in source package for details. Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues