named logging for category rpz misses some rpz log messages
Summary
When bind9/named is configured to log category rpz messages to a file, some rpz log messages are not captured and end up being sent to an incorrect destination.
BIND version used
BIND 9.18.19-1~deb12u1-Debian (Extended Support Version) id: running on Linux x86_64 5.10.0-26-amd64 #1 SMP Debian 5.10.197-1 (2023-09-29)
Steps to reproduce
Add the following stanza in named.conf.options:
logging {
    channel rpzlog {
        file "/var/log/named/rpz.log" versions unlimited size 100m;
        print-time yes;
        print-category yes;
        print-severity yes;
        severity info;
    };
    category rpz { rpzlog; };
};
With this configuration for logging, most rpz log messages are properly sent to the intended file (NXDOMAIN items), but some rpz messages are not. So far, the ones that seem not to be properly captured by this log destination are rpz "passthru" lookups.
Example log messages that end up in the default syslog/journald rather than the configured log file:
Dec 10 01:29:41 somehostn named[327739]: client @0x7fee327a6568 127.0.0.1#35809 (some.domain.name): rpz QNAME PASSTHRU rewrite some.domain.name/A/IN via some.domain.name.rpz.local
Dec 10 01:29:41 somehost named[327739]: client @0x7fee32785768 127.0.0.1#35809 (some.domain.name): rpz QNAME PASSTHRU rewrite some.domain.name/AAAA/IN via some.domain.name.rpz.local
Example rpz entry that generates log entries that fail to go to the rpz category/destination:
some.domain.name CNAME rpz-passthru.
Example rpz entry that generates log entries that do go to the proper rpz category/destination:
other.domain.name CNAME .
What is the current bug behavior?
rpz passthru entries generate log messages that do not go to the intended category rpz log destination.
What is the expected correct behavior?
All rpz log messages should be caught by category rpz.
Relevant configuration files
see above
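
A check for the symptom described in this report, as an added example that is not part of the original report or of BIND: it parses rpz rewrite messages out of syslog/journald output and lists those that never reached the rpz channel file, grouped by policy action. The function names and the rpz.log sample line are constructed for illustration; the two syslog lines are the ones quoted in the report.

```python
import re
from collections import Counter

# Matches the rpz message body shown in the report. The prefix differs between
# syslog and a file channel, so the pattern is not anchored to line start.
RPZ_RE = re.compile(
    r"client @0x[0-9a-f]+ (?P<client>\S+)#\d+ \((?P<qname>[^)]*)\): "
    r"rpz (?P<trigger>\S+) (?P<policy>\S+) rewrite "
    r"(?P<name>[^/\s]+)/(?P<qtype>[^/\s]+)/(?P<qclass>\S+) via (?P<via>\S+)"
)

def rpz_events(lines):
    """Yield one dict per rpz rewrite message found in `lines`."""
    for line in lines:
        m = RPZ_RE.search(line)
        if m:
            yield m.groupdict()

def _key(e):
    # Identity of a rewrite event, independent of timestamp and log prefix.
    return (e["client"], e["name"], e["qtype"], e["policy"], e["via"])

def misrouted(syslog_lines, rpz_log_lines):
    """Return rpz events present in syslog but absent from the rpz channel file."""
    in_channel = {_key(e) for e in rpz_events(rpz_log_lines)}
    return [e for e in rpz_events(syslog_lines) if _key(e) not in in_channel]

def by_policy(events):
    """Count events per policy action (PASSTHRU, NXDOMAIN, ...)."""
    return Counter(e["policy"] for e in events)

# The two syslog lines quoted in the report, plus one constructed non-rpz line.
SYSLOG = [
    "Dec 10 01:29:41 somehostn named[327739]: client @0x7fee327a6568 127.0.0.1#35809 (some.domain.name): rpz QNAME PASSTHRU rewrite some.domain.name/A/IN via some.domain.name.rpz.local",
    "Dec 10 01:29:41 somehost named[327739]: client @0x7fee32785768 127.0.0.1#35809 (some.domain.name): rpz QNAME PASSTHRU rewrite some.domain.name/AAAA/IN via some.domain.name.rpz.local",
    "Dec 10 01:29:42 somehost named[327739]: constructed non-rpz line",
]
# Constructed line in the shape the rpzlog channel options would produce
# (print-time, print-category, print-severity).
RPZ_LOG = [
    "10-Dec-2023 01:29:40.000 rpz: info: client @0x7fee327a1234 127.0.0.1#35808 (other.domain.name): rpz QNAME NXDOMAIN rewrite other.domain.name/A/IN via other.domain.name.rpz.local",
]

if __name__ == "__main__":
    leaked = misrouted(SYSLOG, RPZ_LOG)
    for e in leaked:
        print(e["policy"], e["name"], e["qtype"], "via", e["via"])
    print(dict(by_policy(leaked)))
```

On a live host, feed it the named lines from the journal or syslog file and the contents of /var/log/named/rpz.log in place of the embedded samples.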