folbricht / routedns

DNS stub resolver, proxy and router with support for DoT, DoH, DoQ, and DTLS
BSD 3-Clause "New" or "Revised" License

Query logs #409

Open marcelloinfoweb opened 2 months ago

marcelloinfoweb commented 2 months ago

How is it possible to show a log of requests in the terminal in real time?

folbricht commented 2 months ago

I wanted to add this at some point anyway. Would you be able to try out the issue-409 branch? See https://github.com/folbricht/routedns/pull/410 for an example.

cbuijs commented 2 months ago

You can already do so with the syslog stuff?

folbricht commented 2 months ago

True, it's been a while and I completely forgot about that, doh. The new one is a bit easier to use but this does look unnecessary. Should probably keep just syslog for logging and not merge #410.

cbuijs commented 2 months ago

No worries. There is a case for both anyway ;-).

With file logging you might want some pruning options as well to limit the size of the logging files, etc.

folbricht commented 2 months ago

That won't work for you unless you can compile it from the branch. If you can't compile it, you could try out syslog instead. There's an example in https://github.com/folbricht/routedns/blob/master/cmd/routedns/example-config/syslog.toml

marcelloinfoweb commented 2 months ago

> That won't work for you unless you can compile it from the branch. If you can't compile it, you could try out syslog instead. There's an example in https://github.com/folbricht/routedns/blob/master/cmd/routedns/example-config/syslog.toml

I did it, I compiled the branch and now I have a log, but it doesn't show the blocked and/or released lists.

folbricht commented 2 months ago

syslog does log responses as well if that's what you're looking for.

cbuijs commented 2 months ago

If you want to log the blocks/allows, you need to start with -l5 or -l6 as parameter.

I start RouteDNS as follows and have all the logging in a file (routedns.log):

```
./routedns -l6 routedns.toml >> routedns.log 2>&1 & disown
```

Or get everything into syslog using logger:

```
./routedns -l6 routedns.toml 2>&1 | /usr/bin/gawk '{print substr($0, index($0, $3))}' | /usr/bin/logger -t "ROUTEDNS" & disown
```

You can play with the log levels to get more/less logging. I think from -l5 on, blocking is logged.

The above examples make RouteDNS run in the background and it stays there running when you log off.

P.S. You might need to play with the index in the gawk command, I used it to cut off the date/time as syslog already adds it.
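
The timestamp-stripping step of the logger pipeline in the comment above, as an added example that is not part of the original thread or of RouteDNS. The function names `cut_at_field3` and `strip_fields` are hypothetical, the sample log lines are constructed (the real RouteDNS line layout may differ), and plain `awk` is used in place of `gawk`.

```shell
#!/bin/sh
# Added example: two ways to drop a leading date/time prefix before handing
# log lines to logger(1). All sample lines below are constructed.

# Variant from the thread: print from the first place where the TEXT of
# field 3 occurs. index() searches the whole line, so if the same text also
# appears earlier (in field 1 or 2), too little or nothing is stripped.
cut_at_field3() {
    awk '{ print substr($0, index($0, $3)) }'
}

# Positional variant: remove exactly N leading whitespace-separated fields,
# whatever they contain. Spacing inside the rest of the line is preserved.
# A line with N or fewer fields keeps its last field instead of going empty.
strip_fields() {
    awk -v n="$1" '{
        for (i = 0; i < n; i++)
            sub(/^[ \t]*[^ \t]+[ \t]+/, "")
        print
    }'
}

demo() {
    # Constructed line with a two-field date/time prefix: both variants agree.
    printf '%s\n' '2023/01/02 10:11:12 level=info  msg=blocked' | cut_at_field3
    printf '%s\n' '2023/01/02 10:11:12 level=info  msg=blocked' | strip_fields 2

    # Constructed line where field 3 repeats field 1: cut_at_field3 strips
    # nothing, while strip_fields 2 still removes the two leading fields.
    printf '%s\n' 'INFO 2023/01/02 INFO blocked example.com.' | cut_at_field3
    printf '%s\n' 'INFO 2023/01/02 INFO blocked example.com.' | strip_fields 2
}

# Drop-in use with the command from the thread:
#   ./routedns -l6 routedns.toml 2>&1 | strip_fields 2 | /usr/bin/logger -t "ROUTEDNS"
```

Run `demo` to compare both variants; adjust the argument to `strip_fields` to the number of prefix fields your log lines actually carry.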