(moving this to the mailing list since the feature request
for privacy preserving logging got closed as wontfix
and this is not directly about that feature request)
bugzilla-daemon@nlnetlabs.nl:
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4241
--- Comment #2 from Wouter Wijngaards <wouter@nlnetlabs.nl> ---
Hi Nusenu,I think I can explain why you see additional log lines when you switch from
syslog to logfile. Unbound prints the same strings, but the 'info' or 'debug'
or 'error' level of the string makes syslog treat the lines differently. For
example, I believe FreeBSD comes with syslog software that will move non-errors
(eg. INFO or DEBUG flagged messages) to a different destination than the other
messages. After switching to a logfile, unbound prints all of them regardless
of level. You can also configure the syslog to not discard or move those
messages elsewhere, I do not really know the config precisely; but some have
features or messages per type, log level and source daemon.
How confident are you about unbound logging exactly the same thing to syslog and logfiles?
Here is what makes me less confident that the explanation above
actually applies here.
syslog is configured to include everything:
*.* /var/log/all.log
-> nothing in the log for multiple hours.
Switching unbound to logfile (from syslog) and in just a few minutes
I get multiple of these multi-line entries (sanitized example):
info: validator: error. failed to classify response message: ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; flags: qr ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
*********** IN AAAA
;; ANSWER SECTION:
*********** **** IN A ***********
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; MSG SIZE rcvd: ***
Note the "AAAA" vs. "A".
FreeBSD 12.0
unbound 1.9.1