Topic: Constant DNS lookups to parysecund.com

[CharlieBrady]

Thanks chaps. I've tried disconnecting each client but still no joy. I will try later (when the users have gone home!) to disconnect all clients and just route the server directly to the internet. Then I can add clients one by one to see what happens.

You don't need to do that to learn who is triggering the DNS lookups. The dnscache log on your server will tell you. The log is in a rather cryptic format however, so you need to use a helper application to demystify the log messages a little.

Code: [Select]

/service/dnscache/dnscache-log.pl < /var/log/dnscache/current  | grep query | grep parysecund.com


[morpion]

Thanks Charlie.
That worked a treat and came straight up with the offending client.

@400000004bf402b735f2b8ec query 8372 192.168.70.9:52417:12550 a parysecund.com.

You're a star.

regards
Mike

[CharlieBrady]

You're a star.

Send beer. Preferably good stuff from Belgium.

You should also propagate the favour by adding an entry to the wiki about the use of dnscache-log.pl.