[CVE-2019-6476] bind9.14.4,bind9.15.2 also Crash on centos7.6(source dist)
The new version i compiled ,it could work for a night,but this moring i found bind9.14.4 stopped its work at Jul 24 09:54:12 ,bind‘s log is below:
24-Jul-2019 09:54:05.652 queries: client @0x7f23d0029900 172.31.0.254#4157 (dns.weixin.qq.com): view internal: query: dns.weixin.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:06.064 queries: client @0x7f24302f2e90 172.31.0.254#24737 (commdata.v.qq.com): view internal: query: commdata.v.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:06.368 queries: client @0x7f23d800b640 172.31.0.254#39779 (www.w3.org): view internal: query: www.w3.org IN A + (172.31.0.215)
24-Jul-2019 09:54:06.874 queries: client @0x7f242000c490 172.31.0.254#51568 (captive.apple.com): view internal: query: captive.apple.com IN A + (172.31.0.215)
24-Jul-2019 09:54:06.915 queries: client @0x7f243025f910 172.31.0.254#10965 (sngmta.qq.com): view internal: query: sngmta.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.379 queries: client @0x7f23d800b640 172.31.0.254#39779 (www.google.com): view internal: query: www.google.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.527 queries: client @0x7f243029a810 172.31.0.254#24313 (commdata.v.qq.com): view internal: query: commdata.v.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.527 queries: client @0x7f24302e42d0 172.31.0.254#6291 (vv.video.qq.com): view internal: query: vv.video.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.527 queries: client @0x7f2430377850 172.31.0.254#20463 (sdksp.video.qq.com): view internal: query: sdksp.video.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.664 queries: client @0x7f23dc00bbe0 172.31.0.254#51632 (www.baidu.com): view internal: query: www.baidu.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.742 queries: client @0x7f2430224a10 172.31.0.254#4210 (btrace.qq.com): view internal: query: btrace.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:07.910 queries: client @0x7f243025f910 172.31.0.254#15511 (imgcache.qq.com): view internal: query: imgcache.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:08.390 queries: client @0x7f23d800b640 172.31.0.254#39779 (www.tplink.com): view internal: query: www.tplink.com IN A + (172.31.0.215)
24-Jul-2019 09:54:08.482 queries: client @0x7f241c028c50 172.31.0.254#19129 (mdevstat.qqlive.qq.com): view internal: query: mdevstat.qqlive.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:08.814 queries: client @0x7f2430310610 172.31.0.254#11047 (mazu.3g.qq.com): view internal: query: mazu.3g.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:08.842 queries: client @0x7f24302a93d0 172.31.0.254#43701 (a.root-servers.net): view internal: query: a.root-servers.net IN A + (172.31.0.215)
24-Jul-2019 09:54:09.045 queries: client @0x7f2430386410 172.31.0.254#15492 (connectivitycheck.platform.hicloud.com): view internal: query: connectivitycheck.platform.hicloud.com IN A + (172.31.0.215)
24-Jul-2019 09:54:09.401 queries: client @0x7f23d800b640 172.31.0.254#39779 (www.qq.com): view internal: query: www.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:09.715 queries: client @0x7f243034b510 172.31.0.254#58245 (www.baidu.com): view internal: query: www.baidu.com IN A + (172.31.0.215)
24-Jul-2019 09:54:09.785 queries: client @0x7f243034b510 211.139.181.230#60101 (www.mydomain.com): view external: query: www.mydomain.com IN A -E(0)DCK (172.31.0.215)
24-Jul-2019 09:54:10.412 queries: client @0x7f23d800b640 172.31.0.254#39779 (www.ieee.org): view internal: query: www.ieee.org IN A + (172.31.0.215)
24-Jul-2019 09:54:10.645 queries: client @0x7f23e8010ae0 172.31.0.254#701 (playlog.youku.com): view internal: query: playlog.youku.com IN A + (172.31.0.215)
24-Jul-2019 09:54:10.701 queries: client @0x7f243029a810 172.31.0.254#52441 (mazu-mmgr.3g.qq.com): view internal: query: mazu-mmgr.3g.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:10.923 queries: client @0x7f24302a93d0 172.31.0.254#11208 (clients1.google.com): view internal: query: clients1.google.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.378 queries: client @0x7f2430301a50 172.31.0.254#53235 (mb.yidianzixun.com): view internal: query: mb.yidianzixun.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.422 queries: client @0x7f23d800b640 172.31.0.254#39779 (www.w3.org): view internal: query: www.w3.org IN A + (172.31.0.215)
24-Jul-2019 09:54:11.609 queries: client @0x7f2430250d50 172.31.0.254#37700 (staticimg.yidianzixun.com): view internal: query: staticimg.yidianzixun.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.610 queries: client @0x7f23d801a200 172.31.0.254#56234 (static1.yidianzixun.com): view internal: query: static1.yidianzixun.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.612 queries: client @0x7f2400029360 172.31.0.254#34401 (static.yidianzixun.com): view internal: query: static.yidianzixun.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.764 queries: client @0x7f2430de9e20 172.31.0.254#48701 (www.baidu.com): view internal: query: www.baidu.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.835 queries: client @0x7f23d000b640 172.31.0.254#39876 (www.google.com): view internal: query: www.google.com IN A + (172.31.0.215)
24-Jul-2019 09:54:11.899 queries: client @0x7f24302b7f90 172.31.0.254#63406 (pool.ntp.org): view internal: query: pool.ntp.org IN A + (172.31.0.215)
24-Jul-2019 09:54:12.003 queries: client @0x7f2430242190 172.31.0.254#45255 (oth.str.mdt.qq.com): view internal: query: oth.str.mdt.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:12.003 queries: client @0x7f23d800b640 172.31.0.254#53639 (oth.eve.mdt.qq.com): view internal: query: oth.eve.mdt.qq.com IN A + (172.31.0.215)
24-Jul-2019 09:54:12.021 queries: client @0x7f2430de9e20 172.31.0.254#47907 (184.123.207.140.in-addr.arpa): view internal: query: 184.123.207.140.in-addr.arpa IN PTR + (172.31.0.215)
24-Jul-2019 09:54:12.028 queries: client @0x7f2430368c90 172.31.0.254#39072 (166.76.226.101.in-addr.arpa): view internal: query: 166.76.226.101.in-addr.arpa IN PTR + (172.31.0.215)this time the log did not show the info "exiting (due to assertion failure)",but the info appeared in Syslog:
Jul 24 09:10:29 localhost named[20102]: timed out resolving 'p-idle-miner.playfabapi.com/A/IN': 202.102.128.68#53
Jul 24 09:14:20 localhost named[20102]: timed out resolving 'guazi-vod.guazistatic.com.bsgslb.cn/A/IN': 219.146.1.66#53
Jul 24 09:14:47 localhost named[20102]: timed out resolving 'zs-stcmchina-com.cname.saaswaf.com/A/IN': 219.147.1.66#53
Jul 24 09:16:31 localhost named[20102]: timed out resolving 'p-idle-miner.playfabapi.com/CNAME/IN': 219.147.1.66#53
Jul 24 09:16:32 localhost named[20102]: timed out resolving 'p-idle-miner.playfabapi.com/CNAME/IN': 219.146.1.66#53
Jul 24 09:17:23 localhost named[20102]: client @0x7f2400029360 171.13.14.59#34784 (tjapi.news.so.com): view external: query failed (REFUSED) for tjapi.news.so.com/IN/A at query.c:5365
Jul 24 09:17:26 localhost named[20102]: client @0x7f243028bc50 171.13.14.37#29384 (dl.360safe.com): view external: query failed (REFUSED) for dl.360safe.com/IN/A at query.c:5365
Jul 24 09:17:29 localhost named[20102]: client @0x7f24200274f0 171.13.14.44#27816 (www.jumei.com): view external: query failed (REFUSED) for www.jumei.com/IN/A at query.c:5365
Jul 24 09:17:32 localhost named[20102]: client @0x7f2430de9e20 171.13.14.59#64416 (weibo.com): view external: query failed (REFUSED) for weibo.com/IN/A at query.c:5365
Jul 24 09:17:32 localhost named[20102]: timed out resolving 'd2k03kvdk5cku0.cloudfront.net/A/IN': 219.146.1.66#53
Jul 24 09:17:35 localhost named[20102]: client @0x7f243034b510 171.13.14.60#50928 (web.sogou.com): view external: query failed (REFUSED) for web.sogou.com/IN/A at query.c:5365
Jul 24 09:17:38 localhost named[20102]: client @0x7f241c037c50 171.13.14.62#2280 (www.duba.com): view external: query failed (REFUSED) for www.duba.com/IN/A at query.c:5365
Jul 24 09:17:41 localhost named[20102]: client @0x7f24302c6b50 171.13.14.40#44808 (hao.360.cn): view external: query failed (REFUSED) for hao.360.cn/IN/A at query.c:5365
Jul 24 09:17:44 localhost named[20102]: client @0x7f23e400faa0 171.13.14.50#15880 (www.360.cn): view external: query failed (REFUSED) for www.360.cn/IN/A at query.c:5365
Jul 24 09:17:47 localhost named[20102]: client @0x7f24302f2e90 171.13.14.53#56280 (tuan.360.cn): view external: query failed (REFUSED) for tuan.360.cn/IN/A at query.c:5365
Jul 24 09:17:51 localhost named[20102]: client @0x7f243032dd90 171.13.14.39#58632 (www.btime.com): view external: query failed (REFUSED) for www.btime.com/IN/A at query.c:5365
Jul 24 09:17:54 localhost named[20102]: client @0x7f243032dd90 171.13.14.59#41280 (v.360.cn): view external: query failed (REFUSED) for v.360.cn/IN/A at query.c:5365
Jul 24 09:17:57 localhost named[20102]: client @0x7f243032dd90 171.13.14.54#3360 (softdl.360tpcdn.com): view external: query failed (REFUSED) for softdl.360tpcdn.com/IN/A at query.c:5365
Jul 24 09:18:00 localhost named[20102]: client @0x7f2430301a50 171.13.14.39#25016 (click.union.vip.com): view external: query failed (REFUSED) for click.union.vip.com/IN/A at query.c:5365
Jul 24 09:18:03 localhost named[20102]: client @0x7f2430301a50 171.13.14.35#13512 (www.baidu.com): view external: query failed (REFUSED) for www.baidu.com/IN/A at query.c:5365
Jul 24 09:18:06 localhost named[20102]: client @0x7f23d000b640 171.13.14.47#11960 (www.114la.com): view external: query failed (REFUSED) for www.114la.com/IN/A at query.c:5365
Jul 24 09:18:09 localhost named[20102]: client @0x7f24302c6b50 171.13.14.53#61384 (www.haosou.com): view external: query failed (REFUSED) for www.haosou.com/IN/A at query.c:5365
Jul 24 09:18:12 localhost named[20102]: client @0x7f24302c6b50 171.13.14.57#20856 (so.360.cn): view external: query failed (REFUSED) for so.360.cn/IN/A at query.c:5365
Jul 24 09:18:15 localhost named[20102]: client @0x7f23d801a200 171.13.14.60#9496 (bizhi.360.cn): view external: query failed (REFUSED) for bizhi.360.cn/IN/A at query.c:5365
Jul 24 09:18:18 localhost named[20102]: client @0x7f241c00fc00 171.13.14.38#51168 (bbs.webscan.360.cn): view external: query failed (REFUSED) for bbs.webscan.360.cn/IN/A at query.c:5365
Jul 24 09:18:21 localhost named[20102]: client @0x7f241c028c50 171.13.14.39#64280 (v.sj.360.cn): view external: query failed (REFUSED) for v.sj.360.cn/IN/A at query.c:5365
Jul 24 09:18:24 localhost named[20102]: client @0x7f23d0029900 171.13.14.44#47928 (ai.taobao.com): view external: query failed (REFUSED) for ai.taobao.com/IN/A at query.c:5365
Jul 24 09:18:27 localhost named[20102]: client @0x7f23d0029900 171.13.14.50#25656 (www.hao123.com): view external: query failed (REFUSED) for www.hao123.com/IN/A at query.c:5365
Jul 24 09:18:30 localhost named[20102]: client @0x7f23e8010ae0 171.13.14.57#30632 (hao.qq.com): view external: query failed (REFUSED) for hao.qq.com/IN/A at query.c:5365
Jul 24 09:18:33 localhost named[20102]: client @0x7f241c037c50 171.13.14.58#41176 (123.chinaso.com): view external: query failed (REFUSED) for 123.chinaso.com/IN/A at query.c:5365
Jul 24 09:18:36 localhost named[20102]: client @0x7f243028bc50 171.13.14.41#11968 (soft.360.cn): view external: query failed (REFUSED) for soft.360.cn/IN/A at query.c:5365
Jul 24 09:18:39 localhost named[20102]: client @0x7f240001a200 171.13.14.53#1128 (cdn.soft.360.cn): view external: query failed (REFUSED) for cdn.soft.360.cn/IN/A at query.c:5365
Jul 24 09:18:42 localhost named[20102]: client @0x7f2420035f50 171.13.14.47#21688 (www.360kan.com): view external: query failed (REFUSED) for www.360kan.com/IN/A at query.c:5365
Jul 24 09:18:45 localhost named[20102]: client @0x7f2420035f50 171.13.14.46#46912 (jumpluna.58.com): view external: query failed (REFUSED) for jumpluna.58.com/IN/A at query.c:5365
Jul 24 09:18:48 localhost named[20102]: client @0x7f242000c490 171.13.14.62#42496 (s.click.taobao.com): view external: query failed (REFUSED) for s.click.taobao.com/IN/A at query.c:5365
Jul 24 09:18:51 localhost named[20102]: client @0x7f243029a810 171.13.14.49#50768 (123.sogou.com): view external: query failed (REFUSED) for 123.sogou.com/IN/A at query.c:5365
Jul 24 09:18:54 localhost named[20102]: client @0x7f2430310610 171.13.14.37#4656 (cx.soft.360.cn): view external: query failed (REFUSED) for cx.soft.360.cn/IN/A at query.c:5365
Jul 24 09:18:58 localhost named[20102]: client @0x7f2430310610 171.13.14.45#58960 (big.softdl.360tpcdn.com): view external: query failed (REFUSED) for big.softdl.360tpcdn.com/IN/A at query.c:5365
Jul 24 09:19:01 localhost named[20102]: client @0x7f23d8029900 171.13.14.50#17880 (down.360safe.com): view external: query failed (REFUSED) for down.360safe.com/IN/A at query.c:5365
Jul 24 09:19:04 localhost named[20102]: client @0x7f243031f1d0 171.13.14.48#40544 (intf.soft.360.cn): view external: query failed (REFUSED) for intf.soft.360.cn/IN/A at query.c:5365
Jul 24 09:19:07 localhost named[20102]: client @0x7f240000b640 171.13.14.61#53840 (www.chinaso.com): view external: query failed (REFUSED) for www.chinaso.com/IN/A at query.c:5365
Jul 24 09:19:10 localhost named[20102]: client @0x7f243028bc50 171.13.14.40#48392 (www.huajiao.com): view external: query failed (REFUSED) for www.huajiao.com/IN/A at query.c:5365
Jul 24 09:19:13 localhost named[20102]: client @0x7f240000b640 171.13.14.42#18720 (www.2345.com): view external: query failed (REFUSED) for www.2345.com/IN/A at query.c:5365
Jul 24 09:19:16 localhost named[20102]: client @0x7f24302d5710 171.13.14.54#34800 (www.uc123.com): view external: query failed (REFUSED) for www.uc123.com/IN/A at query.c:5365
Jul 24 09:19:19 localhost named[20102]: client @0x7f2430224a10 171.13.14.38#6968 (123.duba.net): view external: query failed (REFUSED) for 123.duba.net/IN/A at query.c:5365
Jul 24 09:19:22 localhost named[20102]: client @0x7f243025f910 171.13.14.54#6824 (www.sogou.com): view external: query failed (REFUSED) for www.sogou.com/IN/A at query.c:5365
Jul 24 09:19:25 localhost named[20102]: client @0x7f23e8010ae0 171.13.14.45#52352 (www.so.com): view external: query failed (REFUSED) for www.so.com/IN/A at query.c:5365
Jul 24 09:19:28 localhost named[20102]: client @0x7f243034b510 171.13.14.35#36240 (update.360safe.com): view external: query failed (REFUSED) for update.360safe.com/IN/A at query.c:5365
Jul 24 09:19:31 localhost named[20102]: client @0x7f24302d5710 171.13.14.39#30008 (baoku.360.cn): view external: query failed (REFUSED) for baoku.360.cn/IN/A at query.c:5365
Jul 24 09:19:34 localhost named[20102]: client @0x7f243025f910 171.13.14.45#4536 (speedball.xyx.wan.360.cn): view external: query failed (REFUSED) for speedball.xyx.wan.360.cn/IN/A at query.c:5365
Jul 24 09:19:37 localhost named[20102]: client @0x7f243035a0d0 171.13.14.54#39600 (yule.360.cn): view external: query failed (REFUSED) for yule.360.cn/IN/A at query.c:5365
Jul 24 09:19:40 localhost named[20102]: client @0x7f23dc00bbe0 171.13.14.45#37112 (union.click.jd.com): view external: query failed (REFUSED) for union.click.jd.com/IN/A at query.c:5365
Jul 24 09:19:43 localhost named[20102]: client @0x7f240000b640 171.13.14.60#27992 (daohang.qq.com): view external: query failed (REFUSED) for daohang.qq.com/IN/A at query.c:5365
Jul 24 09:19:59 localhost named[20102]: timed out resolving 'p2.ssl.qhimg.com/A/IN': 202.102.128.68#53
Jul 24 09:20:01 localhost systemd: Created slice User Slice of root.
Jul 24 09:20:01 localhost systemd: Started Session 6112 of user root.
Jul 24 09:20:01 localhost systemd: Removed slice User Slice of root.
Jul 24 09:21:04 localhost named[20102]: timed out resolving 'www.ieee.org/CNAME/IN': 202.102.128.68#53
Jul 24 09:21:57 localhost named[20102]: client @0x7f2430242190 74.82.47.50#12222 (dnsscan.shadowserver.org): view external: query failed (REFUSED) for dnsscan.shadowserver.org/IN/A at query.c:5365
Jul 24 09:22:16 localhost named[20102]: timed out resolving 'PC-20181106YLYQ.DHCP\032HOST/A/IN': 219.146.1.66#53
Jul 24 09:22:17 localhost named[20102]: timed out resolving 'PC-20181106YLYQ.DHCP\032HOST/A/IN': 219.147.1.66#53
Jul 24 09:24:06 localhost named[20102]: timed out resolving 'cms.jinan.cn/A/IN': 219.147.1.66#53
Jul 24 09:25:01 localhost systemd: Created slice User Slice of pcp.
Jul 24 09:25:01 localhost systemd: Started Session 6113 of user pcp.
Jul 24 09:25:01 localhost systemd: Removed slice User Slice of pcp.
Jul 24 09:25:38 localhost named[20102]: timed out resolving 'reg.hao.360.cn/A/IN': 202.102.128.68#53
Jul 24 09:25:38 localhost named[20102]: timed out resolving 'h2m.dmp.360.cn/A/IN': 202.102.128.68#53
Jul 24 09:28:01 localhost systemd: Created slice User Slice of pcp.
Jul 24 09:28:01 localhost systemd: Started Session 6114 of user pcp.
Jul 24 09:28:01 localhost systemd: Removed slice User Slice of pcp.
Jul 24 09:30:01 localhost systemd: Created slice User Slice of pcp.
Jul 24 09:30:01 localhost systemd: Started Session 6116 of user pcp.
Jul 24 09:30:01 localhost systemd: Created slice User Slice of root.
Jul 24 09:30:01 localhost systemd: Started Session 6115 of user root.
Jul 24 09:30:01 localhost systemd: Removed slice User Slice of root.
Jul 24 09:30:01 localhost systemd: Removed slice User Slice of pcp.
Jul 24 09:30:06 localhost named[20102]: timed out resolving 'wpad.DHCP\032HOST/A/IN': 219.146.1.66#53
Jul 24 09:30:59 localhost named[20102]: timed out resolving 'livetileedge.xbetservices.akadns.net/A/IN': 202.102.128.68#53
Jul 24 09:31:17 localhost named[20102]: timed out resolving 'www.google.cn/A/IN': 219.147.1.66#53
Jul 24 09:36:14 localhost named[20102]: timed out resolving 'mobilepics.ws.126.net.bsgslb.cn/A/IN': 202.102.128.68#53
Jul 24 09:37:10 localhost systemd-logind: New session 6117 of user hbh.
Jul 24 09:37:10 localhost systemd: Started Session 6117 of user hbh.
Jul 24 09:37:10 localhost dbus[8700]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
Jul 24 09:37:11 localhost dbus[8700]: [system] Successfully activated service 'org.freedesktop.problems'
Jul 24 09:37:19 localhost dbus[8700]: [system] Activating via systemd: service name='net.reactivated.Fprint' unit='fprintd.service'
Jul 24 09:37:19 localhost systemd: Starting Fingerprint Authentication Daemon...
Jul 24 09:37:19 localhost dbus[8700]: [system] Successfully activated service 'net.reactivated.Fprint'
Jul 24 09:37:19 localhost systemd: Started Fingerprint Authentication Daemon.
Jul 24 09:37:29 localhost su: (to root) hbh on pts/1
Jul 24 09:38:23 localhost named[20102]: client @0x7f23d800b640 1.192.90.183#11759 (www.ipplus360.com): view external: query failed (REFUSED) for www.ipplus360.com/IN/A at query.c:5365
Jul 24 09:38:24 localhost named[20102]: client @0x7f24302d5710 1.192.90.183#47631 (asijeicjaiowjojaoiejfa.com): view external: query failed (REFUSED) for asijeicjaiowjojaoiejfa.com/IN/A at query.c:5365
Jul 24 09:39:28 localhost named[20102]: timed out resolving '8.e.e.0.0.2.a.7.f.d.2.7.8.7.a.9.3.1.6.6.4.c.0.8.7.0.8.8.9.0.4.2.ip6.arpa/PTR/IN': 202.102.128.68#53
Jul 24 09:40:01 localhost systemd: Created slice User Slice of root.
Jul 24 09:40:01 localhost systemd: Started Session 6118 of user root.
Jul 24 09:40:01 localhost systemd: Removed slice User Slice of root.
Jul 24 09:41:51 localhost systemd-logind: New session 6119 of user hbh.
Jul 24 09:41:51 localhost systemd: Started Session 6119 of user hbh.
Jul 24 09:41:52 localhost dbus[8700]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
Jul 24 09:41:52 localhost dbus[8700]: [system] Successfully activated service 'org.freedesktop.problems'
Jul 24 09:41:59 localhost systemd-logind: Removed session 6119.
Jul 24 09:42:13 localhost systemd-logind: Removed session 6117.
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC] LFC_START Starting lease file cleanup
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC] LFC_PROCESSING Previous file: /usr/local/kea/var/kea/kea-leases6.csv.2, copy file: /usr/local/kea/var/kea/kea-leases6.csv.1
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC.dhcpsrv] DHCPSRV_MEMFILE_LEASE_FILE_LOAD loading leases from file /usr/local/kea/var/kea/kea-leases6.csv.2
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC.dhcpsrv] DHCPSRV_MEMFILE_LEASE_FILE_LOAD loading leases from file /usr/local/kea/var/kea/kea-leases6.csv.1
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC] LFC_READ_STATS Leases: 0, attempts: 2, errors: 0.
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC] LFC_WRITE_STATS Leases: 0, attempts: 0, errors: 0.
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC] LFC_ROTATING LFC rotating files
Jul 24 09:45:33 localhost DhcpLFC: INFO [DhcpLFC] LFC_TERMINATE LFC finished processing
Jul 24 09:46:17 localhost named[20102]: timed out resolving 'PC-20181106YLYQ.DHCP\032HOST/A/IN': 219.146.1.66#53
Jul 24 09:46:18 localhost named[20102]: timed out resolving 'PC-20181106YLYQ.DHCP\032HOST/A/IN': 219.147.1.66#53
Jul 24 09:47:47 localhost named[20102]: timed out resolving 'jprx.m.qq.com/A/IN': 219.146.1.66#53
Jul 24 09:50:02 localhost systemd: Created slice User Slice of root.
Jul 24 09:50:02 localhost systemd: Started Session 6120 of user root.
Jul 24 09:50:02 localhost systemd: Removed slice User Slice of root.
Jul 24 09:50:11 localhost named[20102]: timed out resolving 'wpad.DHCP\032HOST/A/IN': 219.147.1.66#53
Jul 24 09:52:32 localhost named[20102]: timed out resolving '2.5.8.2.d.7.9.0.8.e.5.5.3.4.5.4.6.4.1.3.4.e.2.8.7.0.8.8.9.0.4.2.ip6.arpa/PTR/IN': 202.102.128.68#53
Jul 24 09:52:33 localhost named[20102]: timed out resolving '2.5.8.2.d.7.9.0.8.e.5.5.3.4.5.4.6.4.1.3.4.e.2.8.7.0.8.8.9.0.4.2.ip6.arpa/PTR/IN': 219.147.1.66#53
Jul 24 09:54:12 localhost named[20102]: DNS format error from 202.102.128.68#53 resolving 184.123.207.140.in-addr.arpa/PTR for client 172.31.0.254#47907: non-improving referral
Jul 24 09:54:12 localhost named[20102]: FORMERR resolving '184.123.207.140.in-addr.arpa/PTR/IN': 202.102.128.68#53
Jul 24 09:54:12 localhost named[20102]: DNS format error from 219.147.1.66#53 resolving 184.123.207.140.in-addr.arpa/PTR for client 172.31.0.254#47907: non-improving referral
Jul 24 09:54:12 localhost named[20102]: FORMERR resolving '184.123.207.140.in-addr.arpa/PTR/IN': 219.147.1.66#53
Jul 24 09:54:12 localhost named[20102]: DNS format error from 219.146.1.66#53 resolving 184.123.207.140.in-addr.arpa/PTR for client 172.31.0.254#47907: non-improving referral
Jul 24 09:54:12 localhost named[20102]: FORMERR resolving '184.123.207.140.in-addr.arpa/PTR/IN': 219.146.1.66#53
Jul 24 09:54:12 localhost named[20102]: resolver.c:4932: INSIST(dns_name_issubdomain(&fctx->name, &fctx->domain)) failed
Jul 24 09:54:12 localhost named[20102]: exiting (due to assertion failure)then it died.
my configurations about bind are below:
named.conf:
acl "trusted"{
127.0.0.1/32;
218.57.138.208/28;
58.56.105.64/28;
192.168.0.0/16;
172.0.0.0/8;
173.0.0.0/8;
174.20.0.0/16;
193.0.0.0/8;
10.4.0.0/18;
};
#logging {
# channel query_log {
# file "query.log" versions 5 size 20m;
# #severity info;
# severity debug 10;
# print-time yes;
# print-category yes;
# };
# category queries {
# query_log;
# };
#};
options {
version "DNSSERVER1.1.1";
directory "/etc/named";
listen-on {172.31.0.215;127.0.0.1;};
forwarders {202.102.128.68;219.146.1.66;219.147.1.66;};
forward first;
#forward only;
pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";
recursion no;
allow-recursion {none;};
dnssec-enable no;
dnssec-validation no;
};
controls {
inet 127.0.0.1 port 953 allow {localhost;} keys {rndc_key;};
};
include "/etc/rndc.key";
view "internal" {
match-clients {trusted;};
recursion yes;
allow-recursion {trusted;};
#match-clients {any;};
#allow-recursion {any;};
zone "mydomain.com" {
type master;
file "db.mydomain.in";
};
zone "0.0.127.in-addr.arpa"{
type master;
file "db.127.0.0";
allow-update {none;};
allow-query {none;};
};
zone "138.57.218.in-addr.arpa"{
type master;
file "db.218.57.138";
};
zone "localhost" {
type master;
file "db.local";
};
zone "." {
type hint;
file "db.root";
};
};
view "external" {
match-clients {any;};
recursion no;
allow-recursion {none;};
zone "mydomain.com" {
type master;
file "db.mydomain.ex";
};
zone "138.57.218.in-addr.arpa"{
type master;
file "db.218.57.138";
};
zone "105.56.58.in-addr.arpa"{
type master;
file "db.58.56.105";
};
};db.218.57.
TTL 600 ; 1 hour
138.57.218.in-addr.arpa IN SOA ns3.mydomain.com dns.mydomain.com. (
18 ; serial
900 ; refresh (15 minutes)
600 ; retry (10 minutes)
86400 ; expire (1 day)
3600 ; minimum (1 hour)
)
NS ns1.mydomain.com.
NS ns2.mydomain.com.
NS ns3.mydomain.com.
$ORIGIN 138.57.218.in-addr.arpa.
211 PTR ns1.mydomain.com.
212 PTR ns2.mydomain.com.
217 PTR ns3.mydomain.com.
213 PTR www.mydomain.com.
214 PTR mail.mydomain.com.
215 PTR ftp.mydomain.com.
215 PTR go.mydomain.com.
217 PTR net.mydomain.com.bind9 run in chroot mode:
/usr/local/bind/sbin/named -4 -c /etc/named.conf -t /chroot/named -u named
any else infomation i can offer,please tell me if necessary. Best regards, 21848706@qq.com
thanks a lot !
Incident tracking page
https://wiki.isc.org/bin/view/Main/SecurityIncidentChecklist20196476QminAndForwarders