Re: Seeing too many console messages in 9.3.0

> Greetings. I'm kinda shocked that this isn't in the FAQ, and
> unfortunately the archives are not searchable right now (MARC dies
> with an error). Soooooo...
>
> In switching from BIND 9.2.x to 9.3, I now see a zillion messages on
> the console and in /var/log/messages that say:
>
> Nov 23 15:07:43 ns named[1777]: update-security: error: client
> 148.235.74.53#20612: update 'proper.com/IN' denied
>
> I am using the exact same named.conf I was using in 9.2.x. The
> relevant part is:
>
> options {
> directory "/etc/namedb";
> notify yes;
> pid-file "/var/run/named/pid";
> dump-file "/var/dump/named_dump.db";
> statistics-file "/var/stats/named.stats";
> };
>
> logging {
> channel my_syslog {
> syslog daemon; severity warning;
> print-category yes; print-severity yes;
> };
> category general {my_syslog;};
> category default {my_syslog;};
> category notify {my_syslog;};
> category xfer-in {my_syslog;};
> category xfer-out {my_syslog;};
> category lame-servers {null;};
> category update {null;};
> category security {null;};
> };
>
> What magic do I need to get the silly warnings off the console and
> out of syslog????? I still want normal errors (like me fat-fingering
> something in the db.foo files) to appear in syslog.
>
> Also, what changed between 9.2.x and 9.3.0 to make them appear?
>
>
The log message is telling you what you need to change.

category update-security { null; };

You may want to change where security goes to now that
update-security is a seperate category. Note you really
should just fix the clients to not make update requests
if you don't want them.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org