dns-oarc/dnscap
1
0
Fork 0
Code Issues Activity

Adding upstream version 2.1.0.

Browse source 
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
Daniel Baumann 2025-02-08 12:04:54 +01:00
parent c1205e3f08
commit 424ce939c2
Signed by: daniel
GPG key ID: FBB4F0E80A80222F
15 changed files with 147 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
configure vendored
View file

@ -1,6 +1,6 @@
#! /bin/sh #! /bin/sh
# Guess values for system-dependent variables and create Makefiles. # Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for dnscap 2.0.3. # Generated by GNU Autoconf 2.69 for dnscap 2.1.0.
# #
# Report bugs to <dnscap-users@dns-oarc.net>. # Report bugs to <dnscap-users@dns-oarc.net>.
# #
@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package. # Identity of this package.
PACKAGE_NAME='dnscap' PACKAGE_NAME='dnscap'
PACKAGE_TARNAME='dnscap' PACKAGE_TARNAME='dnscap'
PACKAGE_VERSION='2.0.3' PACKAGE_VERSION='2.1.0'
PACKAGE_STRING='dnscap 2.0.3' PACKAGE_STRING='dnscap 2.1.0'
PACKAGE_BUGREPORT='dnscap-users@dns-oarc.net' PACKAGE_BUGREPORT='dnscap-users@dns-oarc.net'
PACKAGE_URL='https://github.com/DNS-OARC/dnscap/issues' PACKAGE_URL='https://github.com/DNS-OARC/dnscap/issues'
@ -1353,7 +1353,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing. # Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh. # This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF cat <<_ACEOF
\`configure' configures dnscap 2.0.3 to adapt to many kinds of systems. \`configure' configures dnscap 2.1.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]... Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1424,7 +1424,7 @@ fi
if test -n "$ac_init_help"; then if test -n "$ac_init_help"; then
case $ac_init_help in case $ac_init_help in
short | recursive ) echo "Configuration of dnscap 2.0.3:";; short | recursive ) echo "Configuration of dnscap 2.1.0:";;
esac esac
cat <<\_ACEOF cat <<\_ACEOF
@ -1556,7 +1556,7 @@ fi
test -n "$ac_init_help" && exit $ac_status test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then if $ac_init_version; then
cat <<\_ACEOF cat <<\_ACEOF
dnscap configure 2.0.3 dnscap configure 2.1.0
generated by GNU Autoconf 2.69 generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc. Copyright (C) 2012 Free Software Foundation, Inc.
@ -1979,7 +1979,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake. running configure, to aid debugging if configure makes a mistake.
It was created by dnscap $as_me 2.0.3, which was It was created by dnscap $as_me 2.1.0, which was
generated by GNU Autoconf 2.69. Invocation command line was generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@ $ $0 $@
@ -2842,7 +2842,7 @@ fi
# Define the identity of the package. # Define the identity of the package.
PACKAGE='dnscap' PACKAGE='dnscap'
VERSION='2.0.3' VERSION='2.1.0'
cat >>confdefs.h <<_ACEOF cat >>confdefs.h <<_ACEOF
@ -15015,7 +15015,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their # report actual input values of CONFIG_FILES etc. instead of their
# values after options handling. # values after options handling.
ac_log=" ac_log="
This file was extended by dnscap $as_me 2.0.3, which was This file was extended by dnscap $as_me 2.1.0, which was
generated by GNU Autoconf 2.69. Invocation command line was generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES CONFIG_FILES = $CONFIG_FILES
@ -15082,7 +15082,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\ ac_cs_version="\\
dnscap config.status 2.0.3 dnscap config.status 2.1.0
configured by $0, generated by GNU Autoconf 2.69, configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\" with options \\"\$ac_cs_config\\"

2
configure.ac
View file

@ -33,7 +33,7 @@
# POSSIBILITY OF SUCH DAMAGE. # POSSIBILITY OF SUCH DAMAGE.
AC_PREREQ(2.61) AC_PREREQ(2.61)
AC_INIT([dnscap], [2.0.3], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues]) AC_INIT([dnscap], [2.1.0], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues])
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects]) AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
AC_CONFIG_SRCDIR([src/dnscap.c]) AC_CONFIG_SRCDIR([src/dnscap.c])
AC_CONFIG_HEADER([src/config.h]) AC_CONFIG_HEADER([src/config.h])

5
plugins/eventlog/Makefile.am
View file

@ -4,11 +4,12 @@ CLEANFILES = *.gcda *.gcno *.gcov
AM_CFLAGS = -I$(srcdir) \ AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \ -I$(top_srcdir)/src \
-I$(top_srcdir)/isc \ -I$(top_srcdir)/isc \
$(SECCOMPFLAGS) $(SECCOMPFLAGS) \
$(libldns_CFLAGS)
pkglib_LTLIBRARIES = eventlog.la pkglib_LTLIBRARIES = eventlog.la
eventlog_la_SOURCES = eventlog.c eventlog_la_SOURCES = eventlog.c
eventlog_la_LDFLAGS = -module -avoid-version eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh TESTS = test1.sh
EXTRA_DIST = $(TESTS) EXTRA_DIST = $(TESTS)

5
plugins/eventlog/Makefile.in
View file

@ -520,11 +520,12 @@ CLEANFILES = *.gcda *.gcno *.gcov test1.out *.pcap-dist
AM_CFLAGS = -I$(srcdir) \ AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \ -I$(top_srcdir)/src \
-I$(top_srcdir)/isc \ -I$(top_srcdir)/isc \
$(SECCOMPFLAGS) $(SECCOMPFLAGS) \
$(libldns_CFLAGS)
pkglib_LTLIBRARIES = eventlog.la pkglib_LTLIBRARIES = eventlog.la
eventlog_la_SOURCES = eventlog.c eventlog_la_SOURCES = eventlog.c
eventlog_la_LDFLAGS = -module -avoid-version eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh TESTS = test1.sh
EXTRA_DIST = $(TESTS) EXTRA_DIST = $(TESTS)
all: all-am all: all-am

5
plugins/royparse/Makefile.am
View file

@ -4,11 +4,12 @@ CLEANFILES = *.gcda *.gcno *.gcov
AM_CFLAGS = -I$(srcdir) \ AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \ -I$(top_srcdir)/src \
-I$(top_srcdir)/isc \ -I$(top_srcdir)/isc \
$(SECCOMPFLAGS) $(SECCOMPFLAGS) \
$(libldns_CFLAGS)
pkglib_LTLIBRARIES = royparse.la pkglib_LTLIBRARIES = royparse.la
royparse_la_SOURCES = royparse.c royparse_la_SOURCES = royparse.c
royparse_la_LDFLAGS = -module -avoid-version royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh TESTS = test1.sh
EXTRA_DIST = $(TESTS) EXTRA_DIST = $(TESTS)

5
plugins/royparse/Makefile.in
View file

@ -520,11 +520,12 @@ CLEANFILES = *.gcda *.gcno *.gcov test1.out* *.pcap-dist
AM_CFLAGS = -I$(srcdir) \ AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \ -I$(top_srcdir)/src \
-I$(top_srcdir)/isc \ -I$(top_srcdir)/isc \
$(SECCOMPFLAGS) $(SECCOMPFLAGS) \
$(libldns_CFLAGS)
pkglib_LTLIBRARIES = royparse.la pkglib_LTLIBRARIES = royparse.la
royparse_la_SOURCES = royparse.c royparse_la_SOURCES = royparse.c
royparse_la_LDFLAGS = -module -avoid-version royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh TESTS = test1.sh
EXTRA_DIST = $(TESTS) EXTRA_DIST = $(TESTS)
all: all-am all: all-am

9
plugins/rssm/dnscap-rssm-rssac002
View file

@ -37,7 +37,7 @@ use warnings;
use YAML; use YAML;
unless (scalar @ARGV > 1) { unless (scalar @ARGV > 1) {
print "usage: dnscap-rssm-rssac002 [--no-recompile|--keep-dnscap-rssm|--sort] <YAML files to merge...>\n"; print "usage: dnscap-rssm-rssac002 [--no-recompile|--keep-dnscap-rssm|--sort|--skip-unsupported] <YAML files to merge...>\n";
exit(1); exit(1);
} }
@ -46,6 +46,7 @@ my $earliest_start_period;
my $recompile = 1; my $recompile = 1;
my $keep_dnscap_rssm = 0; my $keep_dnscap_rssm = 0;
my $sort = 0; my $sort = 0;
my $skip_unsupported = 0;
foreach my $file (@ARGV) { foreach my $file (@ARGV) {
if ($file eq '--no-recompile') { if ($file eq '--no-recompile') {
@ -57,6 +58,9 @@ foreach my $file (@ARGV) {
} elsif ($file eq '--sort') { } elsif ($file eq '--sort') {
$sort = 1; $sort = 1;
next; next;
} elsif ($file eq '--skip-unsupported') {
$skip_unsupported = 1;
next;
} }
foreach my $doc (YAML::LoadFile($file)) { foreach my $doc (YAML::LoadFile($file)) {
my $version = delete $doc->{version}; my $version = delete $doc->{version};
@ -76,6 +80,9 @@ foreach my $file (@ARGV) {
die "$file: not valid RSSAC002 YAML, missing metric"; die "$file: not valid RSSAC002 YAML, missing metric";
} }
unless ($version eq 'rssac002v3') { unless ($version eq 'rssac002v3') {
if ($skip_unsupported) {
next;
}
die "$file: unsupported RSSAC002 version $version"; die "$file: unsupported RSSAC002 version $version";
} }

37
plugins/rssm/rssm.c
View file

@ -75,6 +75,9 @@ static int aggregated_into_counters = 0;
static char* service_name = 0; static char* service_name = 0;
static int rssac002v3_yaml = 0; static int rssac002v3_yaml = 0;
// RSSAC002v5 draft metrics
static int label_count = 0;
output_t rssm_output; output_t rssm_output;
#define MAX_SIZE_INDEX 4096 #define MAX_SIZE_INDEX 4096
@ -82,6 +85,7 @@ output_t rssm_output;
#define MAX_TBL_ADDRS 2000000 #define MAX_TBL_ADDRS 2000000
#define MAX_TBL_ADDRS2 200000 #define MAX_TBL_ADDRS2 200000
#define MAX_RCODE (1 << 12) #define MAX_RCODE (1 << 12)
#define MAX_LABELS 128
typedef struct { typedef struct {
hashtbl* tbl; hashtbl* tbl;
@ -111,6 +115,7 @@ struct {
uint64_t udp_response_size[MAX_SIZE_INDEX]; uint64_t udp_response_size[MAX_SIZE_INDEX];
uint64_t tcp_response_size[MAX_SIZE_INDEX]; uint64_t tcp_response_size[MAX_SIZE_INDEX];
uint64_t rcodes[MAX_RCODE]; uint64_t rcodes[MAX_RCODE];
uint64_t labels[MAX_LABELS];
my_hashtbl sources; my_hashtbl sources;
my_hashtbl2 aggregated; my_hashtbl2 aggregated;
uint64_t num_ipv4_sources; uint64_t num_ipv4_sources;
@ -178,13 +183,14 @@ void rssm_usage()
"\t with the prefix \"aggregated-source\" or ...\n" "\t with the prefix \"aggregated-source\" or ...\n"
"\t-a <name> write aggregated IPv6(/64) sources to\n" "\t-a <name> write aggregated IPv6(/64) sources to\n"
"\t <name>.<timesec>.<timeusec>\n" "\t <name>.<timesec>.<timeusec>\n"
"\t-L Add \"label-count\" metric (RSSAC002v5 WIP)\n"
"\t-D don't fork on close\n"); "\t-D don't fork on close\n");
} }
void rssm_getopt(int* argc, char** argv[]) void rssm_getopt(int* argc, char** argv[])
{ {
int c; int c;
while ((c = getopt(*argc, *argv, "?w:Yn:Ss:Aa:D")) != EOF) { while ((c = getopt(*argc, *argv, "?w:Yn:Ss:Aa:DL")) != EOF) {
switch (c) { switch (c) {
case 'w': case 'w':
if (counts_prefix) if (counts_prefix)
@ -218,6 +224,9 @@ void rssm_getopt(int* argc, char** argv[])
case 'D': case 'D':
dont_fork_on_close = 1; dont_fork_on_close = 1;
break; break;
case 'L':
label_count = 1;
break;
case '?': case '?':
rssm_usage(); rssm_usage();
if (!optopt || optopt == '?') { if (!optopt || optopt == '?') {
@ -424,6 +433,15 @@ void rssm_save_counts(const char* sbuf)
fprintf(fp, "aggregated-sources: {}\n"); fprintf(fp, "aggregated-sources: {}\n");
} }
} }
if (label_count) {
fprintf(fp, "\n---\nversion: rssac002v5-draft\nservice: %s\nstart-period: %s\nmetric: label-count\n", service_name, tz);
for (i = 0; i < MAX_LABELS; i++) {
if (counts.labels[i]) {
fprintf(fp, "%d: %" PRIu64 "\n", i, counts.labels[i]);
}
}
}
} else { } else {
fprintf(fp, "first-packet-time %ld\n", (long)open_ts.tv_sec); fprintf(fp, "first-packet-time %ld\n", (long)open_ts.tv_sec);
fprintf(fp, "last-packet-time %ld\n", (long)close_ts.tv_sec); fprintf(fp, "last-packet-time %ld\n", (long)close_ts.tv_sec);
@ -474,6 +492,13 @@ void rssm_save_counts(const char* sbuf)
fprintf(fp, "aggregated-source %s %" PRIu64 "\n", ia_str(counts.aggregated.addrs[i]), counts.aggregated.count[i]); fprintf(fp, "aggregated-source %s %" PRIu64 "\n", ia_str(counts.aggregated.addrs[i]), counts.aggregated.count[i]);
} }
} }
if (label_count) {
for (i = 0; i < MAX_LABELS; i++) {
if (counts.labels[i]) {
fprintf(fp, "label-count %d %" PRIu64 "\n", i, counts.labels[i]);
}
}
}
} }
fclose(fp); fclose(fp);
fprintf(stderr, "rssm: done\n"); fprintf(stderr, "rssm: done\n");
@ -666,6 +691,16 @@ void rssm_output(const char* descr, iaddr from, iaddr to, uint8_t proto, unsigne
counts.dns_tcp_queries_received_ipv6++; counts.dns_tcp_queries_received_ipv6++;
} }
} }
if (label_count) {
ldns_rr_list* question_list = ldns_pkt_question(pkt);
if (question_list) {
ldns_rr* rr = ldns_rr_list_rr(question_list, 0);
if (rr) {
uint8_t lc = ldns_rr_label_count(rr);
counts.labels[lc < MAX_LABELS ? lc : MAX_LABELS - 1] += 1;
}
}
}
} else { } else {
uint16_t rcode = ldns_pkt_get_rcode(pkt); uint16_t rcode = ldns_pkt_get_rcode(pkt);
if (IPPROTO_UDP == proto) { if (IPPROTO_UDP == proto) {

8
plugins/rssm/test1.gold
View file

@ -56,3 +56,11 @@ service: test1
start-period: 2016-10-20T15:23:01Z start-period: 2016-10-20T15:23:01Z
metric: dnscap-rssm-aggregated-sources metric: dnscap-rssm-aggregated-sources
aggregated-sources: {} aggregated-sources: {}
---
version: rssac002v5-draft
service: test1
start-period: 2016-10-20T15:23:01Z
metric: label-count
2: 24
6: 17

2
plugins/rssm/test1.sh
View file

@ -6,6 +6,6 @@ if [ -z "$plugin" ]; then
exit 1 exit 1
fi fi
../../src/dnscap -N -T -r "$srcdir/../../src/test/dns.pcap" -P "$plugin" -w test1 -Y -n test1 -A -S -D ../../src/dnscap -N -T -r "$srcdir/../../src/test/dns.pcap" -P "$plugin" -w test1 -Y -n test1 -A -S -D -L
diff test1.20161020.152301.075993 "$srcdir/test1.gold" diff test1.20161020.152301.075993 "$srcdir/test1.gold"

2
plugins/rssm/test2.sh
View file

@ -1,5 +1,5 @@
#!/bin/sh -xe #!/bin/sh -xe
"$srcdir"/dnscap-rssm-rssac002 --sort "$srcdir/test1.gold" "$srcdir/test1.gold" "$srcdir/test1.gold" > test2.out "$srcdir"/dnscap-rssm-rssac002 --skip-unsupported --sort "$srcdir/test1.gold" "$srcdir/test1.gold" "$srcdir/test1.gold" > test2.out
diff test2.out "$srcdir/test2.gold" diff test2.out "$srcdir/test2.gold"

52
src/daemon.c
View file

@ -224,6 +224,57 @@ void drop_privileges(void)
#endif #endif
} }
void write_pid_file(void)
{
FILE* fp;
int fd, flags;
struct flock lock;
if (!options.pid_file)
return;
if ((fd = open(options.pid_file, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR)) == -1) {
fprintf(stderr, "unable to open PID file %s: %s", options.pid_file, strerror(errno));
exit(1);
}
if ((flags = fcntl(fd, F_GETFD)) == -1) {
fprintf(stderr, "unable to get PID file flags: %s", strerror(errno));
exit(1);
}
flags |= FD_CLOEXEC;
if (fcntl(fd, F_SETFD, flags) == 1) {
fprintf(stderr, "unable to set PID file flags: %s", strerror(errno));
exit(1);
}
lock.l_type = F_WRLCK;
lock.l_whence = SEEK_SET;
lock.l_start = 0;
lock.l_len = 0;
if (fcntl(fd, F_SETLK, &lock) == -1) {
if (errno == EACCES || errno == EAGAIN) {
fprintf(stderr, "PID file locked by other process");
exit(1);
}
fprintf(stderr, "unable to lock PID file: %s", strerror(errno));
exit(1);
}
if (ftruncate(fd, 0) == -1) {
fprintf(stderr, "unable to truncate PID file: %s", strerror(errno));
exit(1);
}
fp = fdopen(fd, "w");
if (!fp || fprintf(fp, "%d\n", getpid()) < 1 || fflush(fp)) {
fprintf(stderr, "unable to write to PID file: %s", strerror(errno));
exit(1);
}
}
void daemonize(void) void daemonize(void)
{ {
pid_t pid; pid_t pid;
@ -235,6 +286,7 @@ void daemonize(void)
exit(1); exit(1);
} else if (pid > 0) } else if (pid > 0)
exit(0); exit(0);
write_pid_file();
openlog("dnscap", 0, LOG_DAEMON); openlog("dnscap", 0, LOG_DAEMON);
if (setsid() < 0) { if (setsid() < 0) {
logerr("setsid failed: %s", strerror(errno)); logerr("setsid failed: %s", strerror(errno));

3
src/dnscap.1.in
View file

@ -163,6 +163,9 @@ functions, unless options
.B \-N .B \-N
is given or only reading from files. is given or only reading from files.
.TP .TP
.BI "\-o pid_file" =...
Specify the file to write the PID to when running as a daemon (default none).
.TP
.BI "\-o user" =... .BI "\-o user" =...
Specify the user to drop privileges to (default nobody). Specify the user to drop privileges to (default nobody).
.TP .TP

11
src/options.c
View file

@ -228,6 +228,13 @@ int option_parse(options_t* options, const char* option)
options->bpf_hosts_apply_all = 1; options->bpf_hosts_apply_all = 1;
return 0; return 0;
} }
} else if (have("pid_file")) {
if (options->pid_file) {
free(options->pid_file);
}
if ((options->pid_file = strdup(argument))) {
return 0;
}
} }
return 1; return 1;
@ -244,5 +251,9 @@ void options_free(options_t* options)
free(options->group); free(options->group);
options->group = 0; options->group = 0;
} }
if (options->pid_file) {
free(options->pid_file);
options->pid_file = 0;
}
} }
} }

4
src/options.h
View file

@ -71,6 +71,8 @@ enum dump_format {
0, 0, 0, 0, 0, 0, 0, \ 0, 0, 0, 0, 0, 0, 0, \
\ \
0, 0, 0, 0, 0, \ 0, 0, 0, 0, 0, \
\
0, \
\ \
0 \ 0 \
} }
@ -113,6 +115,8 @@ struct options {
int reassemble_tcp_bfbparsedns; int reassemble_tcp_bfbparsedns;
int bpf_hosts_apply_all; int bpf_hosts_apply_all;
char* pid_file;
}; };
int option_parse(options_t* options, const char* option); int option_parse(options_t* options, const char* option);