[Logcheck-devel] Bug#443869: logcheck-database: [bind] notify question section contains no SOA
Frédéric Brière
fbriere at fbriere.net
Mon Sep 24 17:57:43 UTC 2007
Package: logcheck-database
Version: 1.2.61
Severity: wishlist
Here's a new rule for ignore.d.server/bind:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ named\[[0-9]+\]: (client [.#[:digit:]]+: )?notify question section contains no SOA$
This is apparently triggered by DJB's DNS survey
(<http://cr.yp.to/surveys/dns1.html>, packet #5). It doesn't show up
too often (I've seen it twice in the past month), but it's getting on my
nerves nonetheless.
(I don't think any sane DNS server, no matter how poorly configured,
would send such a malformed packet. And even if it did, the slaves will
automatically refresh their DNS record once it expires anyway.)
BTW, after hesitating a little, I caved in and left the "client" part
optional, just in case some poor schmo wants to backport this to sarge.
(See bug #303176 for more details.) Feel free to remove the "(" and
")?" if you favor readability over stone-age compatibility. :)
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.21-2-k7 (SMP w/1 CPU core)
Locale: LANG=en_CA.utf-8, LC_CTYPE=en_CA.utf-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-- debconf information excluded
More information about the Logcheck-devel
mailing list