diff options
author | Warren Baker <warren@decoy.co.za> | 2010-12-02 19:38:10 +0200 |
---|---|---|
committer | Warren Baker <warren@decoy.co.za> | 2010-12-02 19:38:10 +0200 |
commit | acd4d2b9e95770f91d96ecca98d2fb8d18f7f232 (patch) | |
tree | 53de14f4c50fab09a4df667e66c6afe08f6a151c | |
parent | 5a8b4c1350929a342da1d3f386d5887db3cc7b3f (diff) | |
download | pfsense-packages-acd4d2b9e95770f91d96ecca98d2fb8d18f7f232.tar.gz pfsense-packages-acd4d2b9e95770f91d96ecca98d2fb8d18f7f232.tar.bz2 pfsense-packages-acd4d2b9e95770f91d96ecca98d2fb8d18f7f232.zip |
Add Unbound logging to a separate clog file (unbound.log) and reduce noise from every 5minutes to every hour.
-rw-r--r-- | config/unbound/unbound.inc | 14 | ||||
-rwxr-xr-x | pkg_config.8.xml | 5 | ||||
-rwxr-xr-x | pkg_config.8.xml.amd64 | 9 |
3 files changed, 20 insertions, 8 deletions
diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc index 437e68c4..3bc07814 100644 --- a/config/unbound/unbound.inc +++ b/config/unbound/unbound.inc @@ -31,7 +31,7 @@ if(!function_exists("get_nameservers")) function unbound_initial_setup() { - global $config; + global $config, $g; if (!array($config['installedpackages']['unbound']['config'])) $config['installedpackages']['unbound']['config'] = array(); @@ -49,10 +49,12 @@ function unbound_initial_setup() { // Touch needed files @touch("/usr/local/etc/unbound/root.hints"); @touch("/usr/local/etc/unbound/root-trust-anchor"); + @touch("{$g['varlog_path']}/unbound.log"); // Ensure files and folders belong to unbound @chown("/usr/local/etc/unbound/root-trust-anchor", "unbound"); @chgrp("/usr/local/etc/unbound/root-trust-anchor", "wheel"); @chmod("/usr/local/etc/unbound/root-trust-anchor", 0600); + @chown("{$g['varlog_path']}/unbound.log", "unbound"); // We do not need the sample conf or the default rc.d startup file @unlink_if_exists("/usr/local/etc/unbound/unbound.conf.sample"); @unlink_if_exists("/usr/local/etc/rc.d/unbound"); @@ -274,9 +276,6 @@ function unbound_resync_config() { */ $unbound_config['harden-dnssec-stripped'] = "yes"; - // Syslog logging - $unbound_config['use-syslog'] = "yes"; - // Host entries $host_entries = unbound_add_host_entries(); @@ -299,7 +298,7 @@ do-ip6: no do-udp: yes do-tcp: yes do-daemonize: yes -statistics-interval: 300 +statistics-interval: 3600 extended-statistics: yes statistics-cumulative: no # Interface IP(s) to bind to @@ -307,7 +306,7 @@ statistics-cumulative: no chroot: "" username: "unbound" directory: "/usr/local/etc/unbound" -pidfile: "/var/run/unbound.pid" +pidfile: "{$g['varrun_path']}/unbound.pid" root-hints: "root.hints" harden-dnssec-stripped: {$unbound_config['harden-dnssec-stripped']} harden-referral-path: no @@ -316,7 +315,7 @@ private-address: 172.16.0.0/12 private-address: 192.168.0.0/16 prefetch: yes prefetch-key: yes -use-syslog: {$unbound_config['use-syslog']} +use-syslog: yes module-config: "{$module_config}" unwanted-reply-threshold: 10000000 {$anchor_file} @@ -409,6 +408,7 @@ function unbound_uninstall() { // Remove pkg config directory and startup file mwexec("rm -rf /usr/local/etc/unbound"); mwexec("rm -f /usr/local/etc/rc.d/unbound.sh"); + mwexec("rm -f {$g['varlog_path']}/unbound.log"); // Remove unbound user exec("/usr/sbin/pw userdel unbound"); diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 70b4c20e..1103a0fe 100755 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -975,6 +975,11 @@ <depends_on_package>openssl-1.0.0_2.tbz</depends_on_package> <build_port_path>/usr/ports/dns/unbound</build_port_path> <build_options>WITHOUT_MAN=true</build_options> + <logging> + <facilityname>unbound</facilityname> + <logfilename>unbound.log</logfilename> + <logtab>Unbound</logtab> + </logging> </package> <package> <name>Shellcmd</name> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index fd5f35ec..231c5976 100755 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -986,9 +986,16 @@ <configurationfile>unbound.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>unbound-1.4.7.tbz</depends_on_package> + <depends_on_package>expat-2.0.1_1.tbz</depends_on_package> + <depends_on_package>openssl-1.0.0_2.tbz</depends_on_package> <build_port_path>/usr/ports/dns/unbound</build_port_path> <build_options>WITHOUT_MAN=true</build_options> - </package> + <logging> + <facilityname>unbound</facilityname> + <logfilename>unbound.log</logfilename> + <logtab>Unbound</logtab> + </logging> + </package> <package> <name>Shellcmd</name> <website/> |