[Samba] Samba anonymous dns forwarding

lingpanda101 at gmail.com lingpanda101 at gmail.com
Thu Apr 21 12:26:18 UTC 2016 

On 4/20/2016 5:14 AM, Johannes Amorosa | Celluloid VFX wrote:
>
>
> On 04/18/2016 07:09 PM, lingpanda101 at gmail.com wrote:
>> On 4/18/2016 12:52 PM, Johannes Amorosa | Celluloid VFX wrote:
>>>
>>> On 04/15/2016 04:36 PM, lingpanda101 at gmail.com wrote:
>>>> On 4/15/2016 10:08 AM, Johannes Amorosa | Celluloid VFX wrote:
>>>>> Hello,
>>>>> we're using sambas internal DNS server.
>>>>>
>>>>> Is there a way to get rid of these messages in logfiles:
>>>>>
>>>>> /var/log/samba/log.samba:  Not authoritative for 
>>>>> 'static.ak.facebook.com', forwarding
>>>>> /var/log/samba/log.samba:  Not authoritative for 
>>>>> 's-static.ak.facebook.com', forwarding
>>>>> /var/log/samba/log.samba:  Not authoritative for 
>>>>> 's-static.ak.facebook.com', forwarding
>>>>> /var/log/samba/log.samba:  Not authoritative for 
>>>>> 's-static.ak.facebook.com', forwarding
>>>>> /var/log/samba/log.samba:  Not authoritative for 
>>>>> 'connect.facebook.net', forwarding
>>>>>
>>>>> Generally I want to keep privacy high for our users - when there 
>>>>> is no technical need of logging this,
>>>>> without tuning log level.
>>>>> JA
>>>>>
>>>> What log level are you currently using?
>>>>
>>> Log level 2, but basically we want to keep log level because we are 
>>> debugging.
>>>
>> I had the same issue. I eventually set up a central rsyslog server. 
>> You can drop them before they are sent.
>>
>>
>>
>
> Thanks for your reply. We need to centralize our logging anyway. Would 
> you mind sharing
> your smb and rsyslog snippets how you have done this?
>
>
Under global section of smb.conf add

log level = 0
logging = syslog at 1 file

See 'man smb.conf' for additional details on 'logging ='

The rsyslog.conf isn't so simple. It will need to be setup specific to 
how you have your central rsyslog server setup. But mine is

:msg, contains, "cron" stop
:msg, contains, "Connection closed by 172.16.232.27" stop

auth,authpriv,daemon,kern,lpr,mail,mark,news,syslog,user,uucp,local0,local1,local2,local3,local4,local5,local6,local7.* 
@172.16.232.45:514

Please see 'man rsyslog.conf' for additional details. The key command is 
':msg, contains,'. This is how I filter. Google search for 'rsyslog 
loganalyzer tutorial'. You can stip messages on the host before being 
sent or you can drop them on the server end.








-- 
-James

More information about the samba mailing list