dns-oarc/dnscap
1
0
Fork 0
Code Issues Activity

Merging upstream version 2.2.0.

Browse source 
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
Daniel Baumann 2025-02-08 12:14:13 +01:00
parent d4077ab8a7
commit 72036a2e80
Signed by: daniel
GPG key ID: FBB4F0E80A80222F
113 changed files with 10899 additions and 6499 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -191,12 +191,9 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
CSCOPE = cscope
DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in ar-lib compile config.guess \
config.sub install-sh ltmain.sh missing
am__DIST_COMMON = $(srcdir)/Makefile.in README.md ar-lib compile \
config.guess config.sub install-sh ltmain.sh missing
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
@ -235,6 +232,8 @@ am__relativize = \
DIST_ARCHIVES = $(distdir).tar.gz
GZIP_ENV = --best
DIST_TARGETS = dist-gzip
# Exists only to be overridden by the user if desired.
AM_DISTCHECK_DVI_TARGET = dvi
distuninstallcheck_listfiles = find . -type f -print
am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
| sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
@ -252,6 +251,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -262,6 +263,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -548,7 +550,6 @@ cscopelist-am: $(am__tagged_files)
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-rm -f cscope.out cscope.in.out cscope.po.out cscope.files
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
@ -632,6 +633,10 @@ dist-xz: distdir
tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
$(am__post_remove_distdir)
dist-zstd: distdir
tardir=$(distdir) && $(am__tar) | zstd -c $${ZSTD_CLEVEL-$${ZSTD_OPT--19}} >$(distdir).tar.zst
$(am__post_remove_distdir)
dist-tarZ: distdir
@echo WARNING: "Support for distribution archives compressed with" \
"legacy program 'compress' is deprecated." >&2
@ -674,6 +679,8 @@ distcheck: dist
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \
unzip $(distdir).zip ;;\
*.tar.zst*) \
zstd -dc $(distdir).tar.zst | $(am__untar) ;;\
esac
chmod -R a-w $(distdir)
chmod u+w $(distdir)
@ -689,7 +696,7 @@ distcheck: dist
$(DISTCHECK_CONFIGURE_FLAGS) \
--srcdir=../.. --prefix="$$dc_install_base" \
&& $(MAKE) $(AM_MAKEFLAGS) \
&& $(MAKE) $(AM_MAKEFLAGS) dvi \
&& $(MAKE) $(AM_MAKEFLAGS) $(AM_DISTCHECK_DVI_TARGET) \
&& $(MAKE) $(AM_MAKEFLAGS) check \
&& $(MAKE) $(AM_MAKEFLAGS) install \
&& $(MAKE) $(AM_MAKEFLAGS) installcheck \
@ -859,18 +866,19 @@ uninstall-am: uninstall-dist_docDATA
am--refresh check check-am clean clean-cscope clean-generic \
clean-libtool cscope cscopelist-am ctags ctags-am dist \
dist-all dist-bzip2 dist-gzip dist-lzip dist-shar dist-tarZ \
dist-xz dist-zip distcheck distclean distclean-generic \
distclean-libtool distclean-tags distcleancheck distdir \
distuninstallcheck dvi dvi-am gcov-am gcov-local html html-am \
info info-am install install-am install-data install-data-am \
install-dist_docDATA install-dvi install-dvi-am install-exec \
install-exec-am install-html install-html-am install-info \
install-info-am install-man install-pdf install-pdf-am \
install-ps install-ps-am install-strip installcheck \
installcheck-am installdirs installdirs-am maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-generic \
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-dist_docDATA
dist-xz dist-zip dist-zstd distcheck distclean \
distclean-generic distclean-libtool distclean-tags \
distcleancheck distdir distuninstallcheck dvi dvi-am gcov-am \
gcov-local html html-am info info-am install install-am \
install-data install-data-am install-dist_docDATA install-dvi \
install-dvi-am install-exec install-exec-am install-html \
install-html-am install-info install-info-am install-man \
install-pdf install-pdf-am install-ps install-ps-am \
install-strip installcheck installcheck-am installdirs \
installdirs-am maintainer-clean maintainer-clean-generic \
mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
ps ps-am tags tags-am uninstall uninstall-am \
uninstall-dist_docDATA
.PRECIOUS: Makefile

2
README.md
View file

@ -39,7 +39,7 @@ To install the dependencies under Debian/Ubuntu:
apt-get install -y libpcap-dev libldns-dev zlib1g-dev libyaml-perl libssl-dev
```
To install the dependencies under CentOS (with EPEL enabled):
To install the dependencies under CentOS (with EPEL/PowerTools enabled):
```
yum install -y libpcap-devel ldns-devel openssl-devel zlib-devel perl-YAML
```

93
aclocal.m4 vendored
View file

@ -1,6 +1,6 @@
# generated automatically by aclocal 1.16.1 -*- Autoconf -*-
# generated automatically by aclocal 1.16.5 -*- Autoconf -*-
# Copyright (C) 1996-2018 Free Software Foundation, Inc.
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -14,15 +14,15 @@
m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])])
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],,
[m4_warning([this file was generated for autoconf 2.69.
m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.71],,
[m4_warning([this file was generated for autoconf 2.71.
You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically 'autoreconf'.])])
dnl pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
dnl serial 11 (pkg-config-0.29.1)
dnl
# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
# serial 12 (pkg-config-0.29.2)
dnl Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
dnl Copyright © 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
dnl
@ -63,7 +63,7 @@ dnl
dnl See the "Since" comment for each macro you use to see what version
dnl of the macros you require.
m4_defun([PKG_PREREQ],
[m4_define([PKG_MACROS_VERSION], [0.29.1])
[m4_define([PKG_MACROS_VERSION], [0.29.2])
m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1,
[m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])])
])dnl PKG_PREREQ
@ -164,7 +164,7 @@ AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
pkg_failed=no
AC_MSG_CHECKING([for $1])
AC_MSG_CHECKING([for $2])
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
@ -296,7 +296,7 @@ AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])dnl PKG_CHECK_VAR
# Copyright (C) 2002-2018 Free Software Foundation, Inc.
# Copyright (C) 2002-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -311,7 +311,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.16'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.16.1], [],
m4_if([$1], [1.16.5], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@ -327,12 +327,12 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.16.1])dnl
[AM_AUTOMAKE_VERSION([1.16.5])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# Copyright (C) 2011-2018 Free Software Foundation, Inc.
# Copyright (C) 2011-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -394,7 +394,7 @@ AC_SUBST([AR])dnl
# AM_AUX_DIR_EXPAND -*- Autoconf -*-
# Copyright (C) 2001-2018 Free Software Foundation, Inc.
# Copyright (C) 2001-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -446,7 +446,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`
# AM_CONDITIONAL -*- Autoconf -*-
# Copyright (C) 1997-2018 Free Software Foundation, Inc.
# Copyright (C) 1997-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -477,7 +477,7 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]])
fi])])
# Copyright (C) 1999-2018 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -668,7 +668,7 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl
# Generate code to set up dependency tracking. -*- Autoconf -*-
# Copyright (C) 1999-2018 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -707,7 +707,9 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
done
if test $am_rc -ne 0; then
AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. Try re-running configure with the
for automatic dependency tracking. If GNU make was not used, consider
re-running the configure script with MAKE="gmake" (or whatever is
necessary). You can also try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking).])
fi
@ -734,7 +736,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
# AM_EXTRA_RECURSIVE_TARGETS -*- Autoconf -*-
# Copyright (C) 2012-2018 Free Software Foundation, Inc.
# Copyright (C) 2012-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -751,7 +753,7 @@ AC_DEFUN([AM_EXTRA_RECURSIVE_TARGETS], [])
# Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996-2018 Free Software Foundation, Inc.
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -779,6 +781,10 @@ m4_defn([AC_PROG_CC])
# release and drop the old call support.
AC_DEFUN([AM_INIT_AUTOMAKE],
[AC_PREREQ([2.65])dnl
m4_ifdef([_$0_ALREADY_INIT],
[m4_fatal([$0 expanded multiple times
]m4_defn([_$0_ALREADY_INIT]))],
[m4_define([_$0_ALREADY_INIT], m4_expansion_stack)])dnl
dnl Autoconf wants to disallow AM_ names. We explicitly allow
dnl the ones we care about.
m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl
@ -815,7 +821,7 @@ m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl
[_AM_SET_OPTIONS([$1])dnl
dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT.
m4_if(
m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]),
m4_ifset([AC_PACKAGE_NAME], [ok]):m4_ifset([AC_PACKAGE_VERSION], [ok]),
[ok:ok],,
[m4_fatal([AC_INIT should be called with package and version arguments])])dnl
AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl
@ -867,6 +873,20 @@ AC_PROVIDE_IFELSE([AC_PROG_OBJCXX],
[m4_define([AC_PROG_OBJCXX],
m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl
])
# Variables for tags utilities; see am/tags.am
if test -z "$CTAGS"; then
CTAGS=ctags
fi
AC_SUBST([CTAGS])
if test -z "$ETAGS"; then
ETAGS=etags
fi
AC_SUBST([ETAGS])
if test -z "$CSCOPE"; then
CSCOPE=cscope
fi
AC_SUBST([CSCOPE])
AC_REQUIRE([AM_SILENT_RULES])dnl
dnl The testsuite driver may need to know about EXEEXT, so add the
dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This
@ -948,7 +968,7 @@ for _am_header in $config_headers :; do
done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001-2018 Free Software Foundation, Inc.
# Copyright (C) 2001-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -969,7 +989,7 @@ if test x"${install_sh+set}" != xset; then
fi
AC_SUBST([install_sh])])
# Copyright (C) 2003-2018 Free Software Foundation, Inc.
# Copyright (C) 2003-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -990,7 +1010,7 @@ AC_SUBST([am__leading_dot])])
# Check to see how 'make' treats includes. -*- Autoconf -*-
# Copyright (C) 2001-2018 Free Software Foundation, Inc.
# Copyright (C) 2001-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1033,7 +1053,7 @@ AC_SUBST([am__quote])])
# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
# Copyright (C) 1997-2018 Free Software Foundation, Inc.
# Copyright (C) 1997-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1054,12 +1074,7 @@ AC_DEFUN([AM_MISSING_HAS_RUN],
[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
AC_REQUIRE_AUX_FILE([missing])dnl
if test x"${MISSING+set}" != xset; then
case $am_aux_dir in
*\ * | *\ *)
MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;;
*)
MISSING="\${SHELL} $am_aux_dir/missing" ;;
esac
MISSING="\${SHELL} '$am_aux_dir/missing'"
fi
# Use eval to expand $SHELL
if eval "$MISSING --is-lightweight"; then
@ -1072,7 +1087,7 @@ fi
# Helper functions for option handling. -*- Autoconf -*-
# Copyright (C) 2001-2018 Free Software Foundation, Inc.
# Copyright (C) 2001-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1101,7 +1116,7 @@ AC_DEFUN([_AM_SET_OPTIONS],
AC_DEFUN([_AM_IF_OPTION],
[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
# Copyright (C) 1999-2018 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1148,7 +1163,7 @@ AC_LANG_POP([C])])
# For backward compatibility.
AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
# Copyright (C) 2001-2018 Free Software Foundation, Inc.
# Copyright (C) 2001-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1167,7 +1182,7 @@ AC_DEFUN([AM_RUN_LOG],
# Check to make sure that the build environment is sane. -*- Autoconf -*-
# Copyright (C) 1996-2018 Free Software Foundation, Inc.
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1248,7 +1263,7 @@ AC_CONFIG_COMMANDS_PRE(
rm -f conftest.file
])
# Copyright (C) 2009-2018 Free Software Foundation, Inc.
# Copyright (C) 2009-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1308,7 +1323,7 @@ AC_SUBST([AM_BACKSLASH])dnl
_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
])
# Copyright (C) 2001-2018 Free Software Foundation, Inc.
# Copyright (C) 2001-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1336,7 +1351,7 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])])
# Copyright (C) 2006-2018 Free Software Foundation, Inc.
# Copyright (C) 2006-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1355,7 +1370,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004-2018 Free Software Foundation, Inc.
# Copyright (C) 2004-2021 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,

11
ar-lib
View file

@ -2,9 +2,9 @@
# Wrapper for Microsoft lib.exe
me=ar-lib
scriptversion=2012-03-01.08; # UTC
scriptversion=2019-07-04.01; # UTC
# Copyright (C) 2010-2018 Free Software Foundation, Inc.
# Copyright (C) 2010-2021 Free Software Foundation, Inc.
# Written by Peter Rosin <peda@lysator.liu.se>.
#
# This program is free software; you can redistribute it and/or modify
@ -53,7 +53,7 @@ func_file_conv ()
MINGW*)
file_conv=mingw
;;
CYGWIN*)
CYGWIN* | MSYS*)
file_conv=cygwin
;;
*)
@ -65,7 +65,7 @@ func_file_conv ()
mingw)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin)
cygwin | msys)
file=`cygpath -m "$file" || echo "$file"`
;;
wine)
@ -224,7 +224,8 @@ elif test -n "$extract"; then
esac
done
else
$AR -NOLOGO -LIST "$archive" | sed -e 's/\\/\\\\/g' | while read member
$AR -NOLOGO -LIST "$archive" | tr -d '\r' | sed -e 's/\\/\\\\/g' \
| while read member
do
$AR -NOLOGO -EXTRACT:"$member" "$archive" || exit $?
done

6
compile
View file

@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2018 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
@ -53,7 +53,7 @@ func_file_conv ()
MINGW*)
file_conv=mingw
;;
CYGWIN*)
CYGWIN* | MSYS*)
file_conv=cygwin
;;
*)
@ -67,7 +67,7 @@ func_file_conv ()
mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin/*)
cygwin/* | msys/*)
file=`cygpath -m "$file" || echo "$file"`
;;
wine/*)

1450
config.guess vendored
View file

File diff suppressed because it is too large Load diff

2847
config.sub vendored
View file

File diff suppressed because it is too large Load diff

6566
configure vendored
View file

File diff suppressed because it is too large Load diff

2
configure.ac
View file

@ -33,7 +33,7 @@
# POSSIBILITY OF SUCH DAMAGE.
AC_PREREQ(2.61)
AC_INIT([dnscap], [2.1.3], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues])
AC_INIT([dnscap], [2.2.0], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues])
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
AC_CONFIG_SRCDIR([src/dnscap.c])
AC_CONFIG_HEADER([src/config.h])

2
depcomp
View file

@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2018 Free Software Foundation, Inc.
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by

89
install-sh
View file

@ -1,7 +1,7 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2018-03-11.20; # UTC
scriptversion=2020-11-14.01; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
@ -69,6 +69,11 @@ posix_mkdir=
# Desired mode of installed file.
mode=0755
# Create dirs (including intermediate dirs) using mode 755.
# This is like GNU 'install' as of coreutils 8.32 (2020).
mkdir_umask=22
backupsuffix=
chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
@ -99,18 +104,28 @@ Options:
--version display version info and exit.
-c (ignored)
-C install only if different (preserve the last data modification time)
-C install only if different (preserve data modification time)
-d create directories instead of installing files.
-g GROUP $chgrpprog installed files to GROUP.
-m MODE $chmodprog installed files to MODE.
-o USER $chownprog installed files to USER.
-p pass -p to $cpprog.
-s $stripprog installed files.
-S SUFFIX attempt to back up existing files, with suffix SUFFIX.
-t DIRECTORY install into DIRECTORY.
-T report an error if DSTFILE is a directory.
Environment variables override the default commands:
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
RMPROG STRIPPROG
By default, rm is invoked with -f; when overridden with RMPROG,
it's up to you to specify -f if you want it.
If -S is not specified, no backups are attempted.
Email bug reports to bug-automake@gnu.org.
Automake home page: https://www.gnu.org/software/automake/
"
while test $# -ne 0; do
@ -137,8 +152,13 @@ while test $# -ne 0; do
-o) chowncmd="$chownprog $2"
shift;;
-p) cpprog="$cpprog -p";;
-s) stripcmd=$stripprog;;
-S) backupsuffix="$2"
shift;;
-t)
is_target_a_directory=always
dst_arg=$2
@ -255,6 +275,10 @@ do
dstdir=$dst
test -d "$dstdir"
dstdir_status=$?
# Don't chown directories that already exist.
if test $dstdir_status = 0; then
chowncmd=""
fi
else
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
@ -301,22 +325,6 @@ do
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# Create intermediate dirs using mode 755 as modified by the umask.
# This is like FreeBSD 'install' as of 1997-10-28.
umask=`umask`
case $stripcmd.$umask in
# Optimize common cases.
*[2367][2367]) mkdir_umask=$umask;;
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
*[0-7])
mkdir_umask=`expr $umask + 22 \
- $umask % 100 % 40 + $umask % 20 \
- $umask % 10 % 4 + $umask % 2
`;;
*) mkdir_umask=$umask,go-w;;
esac
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
@ -326,22 +334,20 @@ do
fi
posix_mkdir=false
case $umask in
*[123567][0-7][0-7])
# POSIX mkdir -p sets u+wx bits regardless of umask, which
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
;;
*)
# Note that $RANDOM variable is not portable (e.g. dash); Use it
# The $RANDOM variable is not portable (e.g., dash). Use it
# here however when possible just to lower collision chance.
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap 'ret=$?; rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null; exit $ret' 0
trap '
ret=$?
rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null
exit $ret
' 0
# Because "mkdir -p" follows existing symlinks and we likely work
# directly in world-writeable /tmp, make sure that the '$tmpdir'
# directory is successfully created first before we actually test
# 'mkdir -p' feature.
# 'mkdir -p'.
if (umask $mkdir_umask &&
$mkdirprog $mkdir_mode "$tmpdir" &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1
@ -371,7 +377,6 @@ do
rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null
fi
trap '' 0;;
esac;;
esac
if
@ -382,7 +387,7 @@ do
then :
else
# The umask is ridiculous, or mkdir does not conform to POSIX,
# mkdir does not conform to POSIX,
# or it failed possibly due to a race condition. Create the
# directory the slow way, step by step, checking for races as we go.
@ -411,7 +416,7 @@ do
prefixes=
else
if $posix_mkdir; then
(umask=$mkdir_umask &&
(umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
@ -451,7 +456,18 @@ do
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
(umask $cp_umask &&
{ test -z "$stripcmd" || {
# Create $dsttmp read-write so that cp doesn't create it read-only,
# which would cause strip to fail.
if test -z "$doit"; then
: >"$dsttmp" # No need to fork-exec 'touch'.
else
$doit touch "$dsttmp"
fi
}
} &&
$doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
@ -477,6 +493,13 @@ do
then
rm -f "$dsttmp"
else
# If $backupsuffix is set, and the file being installed
# already exists, attempt a backup. Don't worry if it fails,
# e.g., if mv doesn't support -f.
if test -n "$backupsuffix" && test -f "$dst"; then
$doit $mvcmd -f "$dst" "$dst$backupsuffix" 2>/dev/null
fi
# Rename the file to the real destination.
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
@ -491,9 +514,9 @@ do
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd -f "$dst" 2>/dev/null ||
$doit $rmcmd "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
{ $doit $rmcmd "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1

4
ltmain.sh Normal file → Executable file
View file

@ -31,7 +31,7 @@
PROGRAM=libtool
PACKAGE=libtool
VERSION="2.4.6 Debian-2.4.6-14"
VERSION="2.4.6 Debian-2.4.6-15build2"
package_revision=2.4.6
@ -2141,7 +2141,7 @@ include the following information:
compiler: $LTCC
compiler flags: $LTCFLAGS
linker: $LD (gnu? $with_gnu_ld)
version: $progname $scriptversion Debian-2.4.6-14
version: $progname $scriptversion Debian-2.4.6-15build2
automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q`
autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q`

4
m4/libtool.m4 vendored
View file

@ -1071,11 +1071,11 @@ _LT_EOF
# to the OS version, if on x86, and 10.4, the deployment
# target defaults to 10.4. Don't you love it?
case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
10.0,*86*-darwin8*|10.0,*-darwin[[912]]*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
10.[[012]][[,.]]*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
10.*)
10.*|11.*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
esac
;;

2
missing
View file

@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2018 Free Software Foundation, Inc.
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify

2
plugins/Makefile.am
View file

@ -3,4 +3,4 @@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
SUBDIRS = pcapdump rssm txtout rzkeychange royparse anonmask ipcrypt \
anonaes128 cryptopan cryptopant eventlog
EXTRA_DIST = template
EXTRA_DIST = template shared

12
plugins/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -158,8 +158,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@ -201,6 +199,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -211,6 +211,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -320,7 +321,7 @@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
SUBDIRS = pcapdump rssm txtout rzkeychange royparse anonmask ipcrypt \
anonaes128 cryptopan cryptopant eventlog
EXTRA_DIST = template
EXTRA_DIST = template shared
all: all-recursive
.SUFFIXES:
@ -459,7 +460,6 @@ cscopelist-am: $(am__tagged_files)
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

3
plugins/anonaes128/Makefile.am
View file

@ -1,9 +1,10 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS) $(libcrypto_CFLAGS)
pkglib_LTLIBRARIES = anonaes128.la

18
plugins/anonaes128/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,11 +518,12 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out test2.out test3.out \
test3.pcap.20181127.155200.414188 test4.tmp
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out test2.out \
test3.out test3.pcap.20181127.155200.414188 test4.tmp
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS) $(libcrypto_CFLAGS)
pkglib_LTLIBRARIES = anonaes128.la
@ -804,7 +807,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -880,7 +883,6 @@ test4.sh.log: test4.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

75
plugins/anonaes128/anonaes128.c
View file

@ -42,6 +42,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#include "dnscap_common.h"
@ -50,12 +51,13 @@
#include <openssl/evp.h>
#include <openssl/err.h>
#define USE_OPENSSL 1
#include "edns0_ecs.c"
#endif
static set_iaddr_t anonaes128_set_iaddr = 0;
static logerr_t* logerr;
static int only_clients = 0, only_servers = 0, dns_port = 53, encrypt_v4 = 0, decrypt = 0;
static int only_clients = 0, only_servers = 0, dns_port = 53, encrypt_v4 = 0, decrypt = 0, edns = 0;
static unsigned char key[16];
static unsigned char iv[16];
#ifdef USE_OPENSSL
@ -86,7 +88,9 @@ void anonaes128_usage()
"\t-c Only en/de-crypt clients (port != 53)\n"
"\t-s Only en/de-crypt servers (port == 53)\n"
"\t-p <port> Set port for -c/-s, default 53\n"
"\t-4 Encrypt IPv4 addresses, not default or recommended\n");
"\t-4 Encrypt IPv4 addresses, not default or recommended\n"
"\t-e Also en/de-crypt EDNS(0) Client Subnet\n"
"\t-E ONLY en/de-crypt EDNS(0) Client Subnet, not IP addresses\n");
}
void anonaes128_extension(int ext, void* arg)
@ -104,7 +108,7 @@ void anonaes128_getopt(int* argc, char** argv[])
unsigned long ul;
char* p;
while ((c = getopt(*argc, *argv, "?k:K:i:I:Dcsp:4")) != EOF) {
while ((c = getopt(*argc, *argv, "?k:K:i:I:Dcsp:4eE")) != EOF) {
switch (c) {
case 'k':
if (strlen(optarg) != 16) {
@ -174,6 +178,13 @@ void anonaes128_getopt(int* argc, char** argv[])
case '4':
encrypt_v4 = 1;
break;
case 'e':
if (!edns)
edns = 1;
break;
case 'E':
edns = -1;
break;
case '?':
anonaes128_usage();
if (!optopt || optopt == '?') {
@ -242,12 +253,66 @@ int anonaes128_close(my_bpftimeval ts)
return 0;
}
#ifdef USE_OPENSSL
void ecs_callback(int family, u_char* buf, size_t len)
{
unsigned char outbuf[16 + EVP_MAX_BLOCK_LENGTH] = { 0 };
int outlen = 0;
struct in6_addr in6 = IN6ADDR_ANY_INIT;
switch (family) {
case 1: // IPv4
if (len > sizeof(struct in_addr))
break;
if (encrypt_v4) {
memcpy(&in6, buf, len);
memcpy(((uint8_t*)&in6) + 4, &in6, 4);
memcpy(((uint8_t*)&in6) + 8, &in6, 4);
memcpy(((uint8_t*)&in6) + 12, &in6, 4);
if (!EVP_CipherUpdate(ctx, outbuf, &outlen, (void*)&in6, 16)) {
logerr("anonaes128.so: error en/de-crypting IP address: %s", ERR_reason_error_string(ERR_get_error()));
exit(1);
}
if (outlen != 16) {
logerr("anonaes128.so: error en/de-crypted output is not 16 bytes");
exit(1);
}
memcpy(buf, outbuf, len);
}
break;
case 2: // IPv6
if (len > sizeof(struct in6_addr))
break;
memcpy(&in6, buf, len);
if (!EVP_CipherUpdate(ctx, outbuf, &outlen, (void*)&in6, 16)) {
logerr("anonaes128.so: error en/de-crypting IP address: %s", ERR_reason_error_string(ERR_get_error()));
exit(1);
}
if (outlen != 16) {
logerr("anonaes128.so: error en/de-crypted output is not 16 bytes");
exit(1);
}
memcpy(buf, outbuf, len);
break;
default:
break;
}
}
#endif
int anonaes128_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen)
u_char* pkt_copy, const unsigned olen,
u_char* payload, const unsigned payloadlen)
{
#ifdef USE_OPENSSL
if (edns && flags & DNSCAP_OUTPUT_ISDNS && payload && payloadlen > DNS_MSG_HDR_SZ) {
parse_for_edns0_ecs(payload, payloadlen, ecs_callback);
if (edns < 0)
return 0;
}
unsigned char outbuf[16 + EVP_MAX_BLOCK_LENGTH];
int outlen = 0;

246
plugins/anonaes128/test1.gold
View file

@ -2144,3 +2144,249 @@ anonaes128.so usage error: must have key (-k/-K) and IV (-i/-I)
ns3.google.com.,IN,A,157794,216.239.36.10 \
ns4.google.com.,IN,A,157794,216.239.38.10
anonaes128.so usage error: -c and -s options are mutually exclusive
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[123.118.213.76].58541 [29.178.88.193].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[123.118.213.76].58541 [29.178.88.193].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[29.178.88.193].53 [123.118.213.76].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[29.178.88.193].53 [123.118.213.76].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[123.118.213.76].33737 [248.188.142.6].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[248.188.142.6].53 [123.118.213.76].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[123.118.213.76].53174 [29.178.88.193].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[123.118.213.76].53174 [29.178.88.193].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[29.178.88.193].53 [123.118.213.76].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[29.178.88.193].53 [123.118.213.76].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[123.118.213.76].50901 [67.192.17.119].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=34.29.83.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[67.192.17.119].53 [123.118.213.76].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=34.29.83.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[123.118.213.76].35191 [99.195.235.60].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[99.195.235.60].53 [123.118.213.76].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.17.0.6].33737 [198.97.190.53].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.97.190.53].53 [172.17.0.6].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.17.0.6].50901 [192.112.36.4].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=34.29.83.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.112.36.4].53 [172.17.0.6].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=34.29.83.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.17.0.6].35191 [1.1.1.1].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.1.1.1].53 [172.17.0.6].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]

5
plugins/anonaes128/test1.sh
View file

@ -16,6 +16,11 @@ ln -fs "$srcdir/../../src/test/dns.pcap" dns.pcap-dist
../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -4 -k "some 16-byte key" -i "some 16-byte key" -s 2>>test1.out
! ../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -4 -k "some 16-byte key" -i "some 16-byte key" -c -s 2>>test1.out
ln -fs "$srcdir/../../src/test/edns.pcap" edns.pcap-dist
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -4 -k "some 16-byte key" -i "some 16-byte key" -e 2>>test1.out
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -4 -k "some 16-byte key" -i "some 16-byte key" -E 2>>test1.out
osrel=`uname -s`
if [ "$osrel" = "OpenBSD" ]; then
mv test1.out test1.out.old

8
plugins/anonaes128/test2.sh
View file

@ -19,12 +19,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test2.out.old
fi
# TODO: Remove when #133 is fixed
cat test2.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test2.new
mv test2.new test2.out
diff test2.out "$srcdir/test2.gold"

8
plugins/anonaes128/test3.sh
View file

@ -18,12 +18,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test3.out.old
fi
# TODO: Remove when #133 is fixed
cat test3.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test3.new
mv test3.new test3.out
diff test3.out "$srcdir/test3.gold"

3
plugins/anonmask/Makefile.am
View file

@ -1,9 +1,10 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS)
pkglib_LTLIBRARIES = anonmask.la

16
plugins/anonmask/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,10 +518,11 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out test2.out
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out test2.out
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS)
pkglib_LTLIBRARIES = anonmask.la
@ -803,7 +806,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -872,7 +875,6 @@ test3.sh.log: test3.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

53
plugins/anonmask/anonmask.c
View file

@ -43,10 +43,12 @@
#include "dnscap_common.h"
#include "edns0_ecs.c"
static set_iaddr_t anonmask_set_iaddr = 0;
static logerr_t* logerr;
static int only_clients = 0, only_servers = 0, mask_port = 53, mask_v4 = 24, mask_v6 = 48;
static int only_clients = 0, only_servers = 0, mask_port = 53, mask_v4 = 24, mask_v6 = 48, edns = 0;
static struct in_addr in4 = { INADDR_ANY };
static struct in6_addr in6 = IN6ADDR_ANY_INIT;
static uint32_t* in6p = (uint32_t*)&in6;
@ -71,7 +73,9 @@ void anonmask_usage()
"\t-s Only mask servers (port == 53)\n"
"\t-p <port> Set port for -c/-s masking, default 53\n"
"\t-4 <netmask> The /mask for IPv4 addresses, default /24\n"
"\t-6 <netmask> The /mask for IPv6 addresses, default /48\n");
"\t-6 <netmask> The /mask for IPv6 addresses, default /48\n"
"\t-e Also mask EDNS(0) Client Subnet\n"
"\t-E ONLY mask EDNS(0) Client Subnet, not IP addresses\n");
}
void anonmask_extension(int ext, void* arg)
@ -89,7 +93,7 @@ void anonmask_getopt(int* argc, char** argv[])
unsigned long ul;
char* p;
while ((c = getopt(*argc, *argv, "?csp:4:6:")) != EOF) {
while ((c = getopt(*argc, *argv, "?csp:4:6:eE")) != EOF) {
switch (c) {
case 'c':
only_clients = 1;
@ -115,6 +119,13 @@ void anonmask_getopt(int* argc, char** argv[])
usage("IPv6 mask must be an integer 0..127");
mask_v6 = (unsigned)ul;
break;
case 'e':
if (!edns)
edns = 1;
break;
case 'E':
edns = -1;
break;
case '?':
anonmask_usage();
if (!optopt || optopt == '?') {
@ -173,11 +184,43 @@ int anonmask_close(my_bpftimeval ts)
return 0;
}
void ecs_callback(int family, u_char* buf, size_t len)
{
u_char* mask;
switch (family) {
case 1: // IPv4
if (len > sizeof(struct in_addr))
break;
mask = (u_char*)&in4;
while (len--) {
*buf++ &= *mask++;
}
break;
case 2: // IPv6
if (len > sizeof(struct in6_addr))
break;
mask = (u_char*)&in6;
while (len--) {
*buf++ &= *mask++;
}
break;
default:
break;
}
}
int anonmask_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen)
u_char* pkt_copy, unsigned olen,
u_char* payload, unsigned payloadlen)
{
if (edns && flags & DNSCAP_OUTPUT_ISDNS && payload && payloadlen > DNS_MSG_HDR_SZ) {
parse_for_edns0_ecs(payload, payloadlen, ecs_callback);
if (edns < 0)
return 0;
}
uint32_t* p6;
for (;;) {

246
plugins/anonmask/test1.gold
View file

@ -2855,3 +2855,249 @@
ns3.google.com.,IN,A,157794,216.239.36.10 \
ns4.google.com.,IN,A,157794,216.239.38.10
anonmask.so usage error: -c and -s options are mutually exclusive
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.0.0.0].58541 [172.0.0.0].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.0.0.0].58541 [172.0.0.0].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.0.0.0].53 [172.0.0.0].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.0.0.0].53 [172.0.0.0].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.0.0.0].33737 [198.0.0.0].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.0.0.0].53 [172.0.0.0].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.0.0.0].53174 [172.0.0.0].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.0.0.0].53174 [172.0.0.0].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.0.0.0].53 [172.0.0.0].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.0.0.0].53 [172.0.0.0].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.0.0.0].50901 [192.0.0.0].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=172.0.0.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.0.0.0].53 [172.0.0.0].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=172.0.0.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.0.0.0].35191 [1.0.0.0].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.0.0.0].53 [172.0.0.0].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.17.0.6].33737 [198.97.190.53].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.97.190.53].53 [172.17.0.6].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.17.0.6].50901 [192.112.36.4].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=172.0.0.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.112.36.4].53 [172.17.0.6].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=172.0.0.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.17.0.6].35191 [1.1.1.1].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.1.1.1].53 [172.17.0.6].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]

5
plugins/anonmask/test1.sh
View file

@ -14,6 +14,11 @@ ln -fs "$srcdir/../../src/test/dns.pcap" dns.pcap-dist
../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -s 2>>test1.out
! ../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -c -s 2>>test1.out
ln -fs "$srcdir/../../src/test/edns.pcap" edns.pcap-dist
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -4 8 -e 2>>test1.out
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -4 8 -E 2>>test1.out
osrel=`uname -s`
if [ "$osrel" = "OpenBSD" ]; then
mv test1.out test1.out.old

8
plugins/anonmask/test2.sh
View file

@ -23,12 +23,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test2.out.old
fi
# TODO: Remove when #133 is fixed
cat test2.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test2.new
mv test2.new test2.out
diff test2.out "$srcdir/test2.gold"

3
plugins/cryptopan/Makefile.am
View file

@ -1,9 +1,10 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS) $(libcrypto_CFLAGS)
pkglib_LTLIBRARIES = cryptopan.la

18
plugins/cryptopan/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,12 +518,13 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out test2.out test3.out \
test3.pcap.20161020.152301.075993 \
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out test2.out \
test3.out test3.pcap.20161020.152301.075993 \
test3.pcap.20181127.155200.414188 test4.tmp
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS) $(libcrypto_CFLAGS)
pkglib_LTLIBRARIES = cryptopan.la
@ -805,7 +808,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -881,7 +884,6 @@ test4.sh.log: test4.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

100
plugins/cryptopan/cryptopan.c
View file

@ -47,6 +47,10 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#ifndef s6_addr32
#define s6_addr32 __u6_addr.__u6_addr32
#endif
#include "dnscap_common.h"
@ -55,12 +59,13 @@
#include <openssl/evp.h>
#include <openssl/err.h>
#define USE_OPENSSL 1
#include "edns0_ecs.c"
#endif
static set_iaddr_t cryptopan_set_iaddr = 0;
static logerr_t* logerr;
static int only_clients = 0, only_servers = 0, dns_port = 53, encrypt_v6 = 0, decrypt = 0;
static int only_clients = 0, only_servers = 0, dns_port = 53, encrypt_v6 = 0, decrypt = 0, edns = 0;
static unsigned char key[16];
static unsigned char iv[16];
static unsigned char pad[16];
@ -94,7 +99,9 @@ void cryptopan_usage()
"\t-c Only en/de-crypt clients (port != 53)\n"
"\t-s Only en/de-crypt servers (port == 53)\n"
"\t-p <port> Set port for -c/-s, default 53\n"
"\t-6 En/de-crypt IPv6 addresses, not default or recommended\n");
"\t-6 En/de-crypt IPv6 addresses, not default or recommended\n"
"\t-e Also en/de-crypt EDNS(0) Client Subnet\n"
"\t-E ONLY en/de-crypt EDNS(0) Client Subnet, not IP addresses\n");
}
void cryptopan_extension(int ext, void* arg)
@ -112,7 +119,7 @@ void cryptopan_getopt(int* argc, char** argv[])
unsigned long ul;
char* p;
while ((c = getopt(*argc, *argv, "?k:K:i:I:a:A:Dcsp:6")) != EOF) {
while ((c = getopt(*argc, *argv, "?k:K:i:I:a:A:Dcsp:6eE")) != EOF) {
switch (c) {
case 'k':
if (strlen(optarg) != 16) {
@ -207,6 +214,13 @@ void cryptopan_getopt(int* argc, char** argv[])
case '6':
encrypt_v6 = 1;
break;
case 'e':
if (!edns)
edns = 1;
break;
case 'E':
edns = -1;
break;
case '?':
cryptopan_usage();
if (!optopt || optopt == '?') {
@ -396,12 +410,56 @@ static inline void _decrypt(uint32_t* in)
}
#endif
#ifdef USE_OPENSSL
void ecs_callback(int family, u_char* buf, size_t len)
{
struct in6_addr in6 = IN6ADDR_ANY_INIT;
switch (family) {
case 1: // IPv4
if (len > sizeof(struct in_addr))
break;
memcpy(&in6, buf, len);
decrypt ? _decrypt((uint32_t*)&in6) : _encrypt((uint32_t*)&in6);
memcpy(buf, &in6, len);
break;
case 2: // IPv6
if (len > sizeof(struct in6_addr))
break;
if (encrypt_v6) {
memcpy(&in6, buf, len);
if (decrypt) {
_decrypt(&in6.s6_addr32[0]);
_decrypt(&in6.s6_addr32[1]);
_decrypt(&in6.s6_addr32[2]);
_decrypt(&in6.s6_addr32[3]);
} else {
_encrypt(&in6.s6_addr32[0]);
_encrypt(&in6.s6_addr32[1]);
_encrypt(&in6.s6_addr32[2]);
_encrypt(&in6.s6_addr32[3]);
}
memcpy(buf, &in6, len);
}
break;
default:
break;
}
}
#endif
int cryptopan_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen)
u_char* pkt_copy, const unsigned olen,
u_char* payload, const unsigned payloadlen)
{
#ifdef USE_OPENSSL
if (edns && flags & DNSCAP_OUTPUT_ISDNS && payload && payloadlen > DNS_MSG_HDR_SZ) {
parse_for_edns0_ecs(payload, payloadlen, ecs_callback);
if (edns < 0)
return 0;
}
for (;;) {
if (only_clients && sport == dns_port) {
if (sport != dport) {
@ -421,15 +479,15 @@ int cryptopan_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, u
case AF_INET6:
if (encrypt_v6) {
if (decrypt) {
_decrypt((uint32_t*)&from->u.a6);
_decrypt(((uint32_t*)&from->u.a6) + 1); // lgtm [cpp/suspicious-pointer-scaling]
_decrypt(((uint32_t*)&from->u.a6) + 2); // lgtm [cpp/suspicious-pointer-scaling]
_decrypt(((uint32_t*)&from->u.a6) + 3); // lgtm [cpp/suspicious-pointer-scaling]
_decrypt(&from->u.a6.s6_addr32[0]);
_decrypt(&from->u.a6.s6_addr32[1]);
_decrypt(&from->u.a6.s6_addr32[2]);
_decrypt(&from->u.a6.s6_addr32[3]);
} else {
_encrypt((uint32_t*)&from->u.a6);
_encrypt(((uint32_t*)&from->u.a6) + 1); // lgtm [cpp/suspicious-pointer-scaling]
_encrypt(((uint32_t*)&from->u.a6) + 2); // lgtm [cpp/suspicious-pointer-scaling]
_encrypt(((uint32_t*)&from->u.a6) + 3); // lgtm [cpp/suspicious-pointer-scaling]
_encrypt(&from->u.a6.s6_addr32[0]);
_encrypt(&from->u.a6.s6_addr32[1]);
_encrypt(&from->u.a6.s6_addr32[2]);
_encrypt(&from->u.a6.s6_addr32[3]);
}
break;
}
@ -459,15 +517,15 @@ int cryptopan_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, u
case AF_INET6:
if (encrypt_v6) {
if (decrypt) {
_decrypt((uint32_t*)&to->u.a6);
_decrypt(((uint32_t*)&to->u.a6) + 1); // lgtm [cpp/suspicious-pointer-scaling]
_decrypt(((uint32_t*)&to->u.a6) + 2); // lgtm [cpp/suspicious-pointer-scaling]
_decrypt(((uint32_t*)&to->u.a6) + 3); // lgtm [cpp/suspicious-pointer-scaling]
_decrypt(&to->u.a6.s6_addr32[0]);
_decrypt(&to->u.a6.s6_addr32[1]);
_decrypt(&to->u.a6.s6_addr32[2]);
_decrypt(&to->u.a6.s6_addr32[3]);
} else {
_encrypt((uint32_t*)&to->u.a6);
_encrypt(((uint32_t*)&to->u.a6) + 1); // lgtm [cpp/suspicious-pointer-scaling]
_encrypt(((uint32_t*)&to->u.a6) + 2); // lgtm [cpp/suspicious-pointer-scaling]
_encrypt(((uint32_t*)&to->u.a6) + 3); // lgtm [cpp/suspicious-pointer-scaling]
_encrypt(&to->u.a6.s6_addr32[0]);
_encrypt(&to->u.a6.s6_addr32[1]);
_encrypt(&to->u.a6.s6_addr32[2]);
_encrypt(&to->u.a6.s6_addr32[3]);
}
break;
}

246
plugins/cryptopan/test1.gold
View file

@ -2145,3 +2145,249 @@ cryptopan.so usage error: must have key (-k/-K), IV (-i/-I) and padding (-a/-A)
ns3.google.com.,IN,A,157794,216.239.36.10 \
ns4.google.com.,IN,A,157794,216.239.38.10
cryptopan.so usage error: -c and -s options are mutually exclusive
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[137.205.188.240].58541 [137.205.188.246].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[137.205.188.240].58541 [137.205.188.246].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[137.205.188.246].53 [137.205.188.240].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[137.205.188.246].53 [137.205.188.240].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[137.205.188.240].33737 [242.191.199.152].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[242.191.199.152].53 [137.205.188.240].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[137.205.188.240].53174 [137.205.188.246].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[137.205.188.240].53174 [137.205.188.246].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[137.205.188.246].53 [137.205.188.240].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[137.205.188.246].53 [137.205.188.240].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[137.205.188.240].50901 [245.202.0.100].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=137.205.188.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[245.202.0.100].53 [137.205.188.240].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=137.205.188.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[137.205.188.240].35191 [39.174.37.237].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[39.174.37.237].53 [137.205.188.240].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.17.0.6].33737 [198.97.190.53].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.97.190.53].53 [172.17.0.6].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.17.0.6].50901 [192.112.36.4].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=137.205.188.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.112.36.4].53 [172.17.0.6].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=137.205.188.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.17.0.6].35191 [1.1.1.1].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.1.1.1].53 [172.17.0.6].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]

5
plugins/cryptopan/test1.sh
View file

@ -17,6 +17,11 @@ ln -fs "$srcdir/../../src/test/dns.pcap" dns.pcap-dist
../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -i "some 16-byte key" -a "some 16-byte key" -s 2>>test1.out
! ../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -i "some 16-byte key" -a "some 16-byte key" -c -s 2>>test1.out
ln -fs "$srcdir/../../src/test/edns.pcap" edns.pcap-dist
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -i "some 16-byte key" -a "some 16-byte key" -e 2>>test1.out
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -i "some 16-byte key" -a "some 16-byte key" -E 2>>test1.out
osrel=`uname -s`
if [ "$osrel" = "OpenBSD" ]; then
mv test1.out test1.out.old

8
plugins/cryptopan/test2.sh
View file

@ -19,12 +19,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test2.out.old
fi
# TODO: Remove when #133 is fixed
cat test2.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test2.new
mv test2.new test2.out
diff test2.out "$srcdir/test2.gold"

8
plugins/cryptopan/test3.sh
View file

@ -21,12 +21,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test3.out.old
fi
# TODO: Remove when #133 is fixed
cat test3.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test3.new
mv test3.new test3.out
diff test3.out "$srcdir/test3.gold"

3
plugins/cryptopant/Makefile.am
View file

@ -1,9 +1,10 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS) $(libcrypto_CFLAGS)
pkglib_LTLIBRARIES = cryptopant.la

18
plugins/cryptopant/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,12 +518,13 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out test2.out test3.out \
test3.pcap.20161020.152301.075993 \
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out test2.out \
test3.out test3.pcap.20161020.152301.075993 \
test3.pcap.20181127.155200.414188
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS) $(libcrypto_CFLAGS)
pkglib_LTLIBRARIES = cryptopant.la
@ -805,7 +808,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -881,7 +884,6 @@ test4.sh.log: test4.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

57
plugins/cryptopant/cryptopant.c
View file

@ -39,18 +39,20 @@
#include <unistd.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include "dnscap_common.h"
#if defined(HAVE_LIBCRYPTOPANT) && defined(HAVE_CRYPTOPANT_H)
#include <cryptopANT.h>
#define USE_CRYPTOPANT 1
#include "edns0_ecs.c"
#endif
static set_iaddr_t cryptopant_set_iaddr = 0;
static logerr_t* logerr;
static int only_clients = 0, only_servers = 0, dns_port = 53, pass4 = 0, pass6 = 0, decrypt = 0;
static int only_clients = 0, only_servers = 0, dns_port = 53, pass4 = 0, pass6 = 0, decrypt = 0, edns = 0;
enum plugin_type cryptopant_type()
{
@ -74,7 +76,9 @@ void cryptopant_usage()
"\t-D Decrypt IP addresses\n"
"\t-c Only encrypt clients (port != 53)\n"
"\t-s Only encrypt servers (port == 53)\n"
"\t-p <port> Set port for -c/-s, default 53\n");
"\t-p <port> Set port for -c/-s, default 53\n"
"\t-e Also en/de-crypt EDNS(0) Client Subnet\n"
"\t-E ONLY en/de-crypt EDNS(0) Client Subnet, not IP addresses\n");
}
void cryptopant_extension(int ext, void* arg)
@ -92,7 +96,7 @@ void cryptopant_getopt(int* argc, char** argv[])
unsigned long ul;
char * p, *keyfile = 0;
while ((c = getopt(*argc, *argv, "?k:4:6:Dcsp:")) != EOF) {
while ((c = getopt(*argc, *argv, "?k:4:6:Dcsp:eE")) != EOF) {
switch (c) {
case 'k':
if (keyfile) {
@ -127,6 +131,13 @@ void cryptopant_getopt(int* argc, char** argv[])
usage("port must be an integer 1..65535");
dns_port = (unsigned)ul;
break;
case 'e':
if (!edns)
edns = 1;
break;
case 'E':
edns = -1;
break;
case '?':
cryptopant_usage();
if (!optopt || optopt == '?') {
@ -179,12 +190,48 @@ int cryptopant_close(my_bpftimeval ts)
return 0;
}
#ifdef USE_CRYPTOPANT
void ecs_callback(int family, u_char* buf, size_t len)
{
switch (family) {
case 1: // IPv4
{
if (len > sizeof(struct in_addr))
break;
struct in_addr in = { INADDR_ANY };
memcpy(&in, buf, len);
in.s_addr = decrypt ? unscramble_ip4(in.s_addr, pass4) : scramble_ip4(in.s_addr, pass4);
memcpy(buf, &in, len);
break;
}
case 2: // IPv6
{
if (len > sizeof(struct in6_addr))
break;
struct in6_addr in = IN6ADDR_ANY_INIT;
memcpy(&in, buf, len);
decrypt ? unscramble_ip6(&in, pass6) : scramble_ip6(&in, pass6);
memcpy(buf, &in, len);
break;
}
default:
break;
}
}
#endif
int cryptopant_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen)
u_char* pkt_copy, const unsigned olen,
u_char* payload, const unsigned payloadlen)
{
#ifdef USE_CRYPTOPANT
if (edns && flags & DNSCAP_OUTPUT_ISDNS && payload && payloadlen > DNS_MSG_HDR_SZ) {
parse_for_edns0_ecs(payload, payloadlen, ecs_callback);
if (edns < 0)
return 0;
}
for (;;) {
if (only_clients && sport == dns_port) {
if (sport != dport) {

246
plugins/cryptopant/test1.gold
View file

@ -2856,3 +2856,249 @@ cryptopant.so usage error: must have a -k keyfile
ns3.google.com.,IN,A,157794,216.239.36.10 \
ns4.google.com.,IN,A,157794,216.239.38.10
cryptopant.so usage error: -c and -s options are mutually exclusive
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.24.244.221].58541 [172.24.244.218].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.24.244.221].58541 [172.24.244.218].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.24.244.218].53 [172.24.244.221].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.24.244.218].53 [172.24.244.221].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.24.244.221].33737 [198.221.87.229].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.221.87.229].53 [172.24.244.221].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.24.244.221].53174 [172.24.244.218].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.24.244.221].53174 [172.24.244.218].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.24.244.218].53 [172.24.244.221].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.24.244.218].53 [172.24.244.221].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.24.244.221].50901 [192.37.47.233].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=172.24.244.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.37.47.233].53 [172.24.244.221].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=172.24.244.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.24.244.221].35191 [1.183.102.77].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.183.102.77].53 [172.24.244.221].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.17.0.6].33737 [198.97.190.53].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.97.190.53].53 [172.17.0.6].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.17.0.6].50901 [192.112.36.4].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=172.24.244.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.112.36.4].53 [172.17.0.6].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=172.24.244.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.17.0.6].35191 [1.1.1.1].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.1.1.1].53 [172.17.0.6].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]

5
plugins/cryptopant/test1.sh
View file

@ -21,6 +21,11 @@ fi
../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -k "$srcdir/keyfile" -s 2>>test1.out
! ../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -k "$srcdir/keyfile" -c -s 2>>test1.out
ln -fs "$srcdir/../../src/test/edns.pcap" edns.pcap-dist
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -k "$srcdir/keyfile" -4 8 -e 2>>test1.out
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -k "$srcdir/keyfile" -4 8 -E 2>>test1.out
osrel=`uname -s`
if [ "$osrel" = "OpenBSD" ]; then
mv test1.out test1.out.old

8
plugins/cryptopant/test2.sh
View file

@ -26,12 +26,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test2.out.old
fi
# TODO: Remove when #133 is fixed
cat test2.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test2.new
mv test2.new test2.out
diff test2.out "$srcdir/test2.gold"

8
plugins/cryptopant/test3.sh
View file

@ -27,12 +27,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test3.out.old
fi
# TODO: Remove when #133 is fixed
cat test3.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test3.new
mv test3.new test3.out
diff test3.out "$srcdir/test3.gold"

4
plugins/eventlog/Makefile.am
View file

@ -1,5 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -13,7 +13,7 @@ eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
CLEANFILES += test1.out *.pcap-dist
CLEANFILES += test1.out
if ENABLE_GCOV
gcov-local:

15
plugins/eventlog/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,7 +518,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out *.pcap-dist
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
@ -804,7 +806,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -859,7 +861,6 @@ test1.sh.log: test1.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

3
plugins/ipcrypt/Makefile.am
View file

@ -1,9 +1,10 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS)
pkglib_LTLIBRARIES = ipcrypt.la

18
plugins/ipcrypt/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,12 +518,13 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out test2.out test3.out \
test3.pcap.20161020.152301.075993 \
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out test2.out \
test3.out test3.pcap.20161020.152301.075993 \
test3.pcap.20181127.155200.414188 test4.tmp
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
-I$(top_srcdir)/plugins/shared \
$(SECCOMPFLAGS)
pkglib_LTLIBRARIES = ipcrypt.la
@ -805,7 +808,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -881,7 +884,6 @@ test4.sh.log: test4.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

66
plugins/ipcrypt/ipcrypt.c
View file

@ -42,13 +42,16 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#include "dnscap_common.h"
#include "edns0_ecs.c"
static set_iaddr_t ipcrypt_set_iaddr = 0;
static logerr_t* logerr;
static int only_clients = 0, only_servers = 0, dns_port = 53, iterations = 1, encrypt_v6 = 0, decrypt = 0;
static int only_clients = 0, only_servers = 0, dns_port = 53, iterations = 1, encrypt_v6 = 0, decrypt = 0, edns = 0;
static uint8_t key[16];
/*
@ -157,7 +160,9 @@ void ipcrypt_usage()
"\t-s Only en/de-crypt servers (port == 53)\n"
"\t-p <port> Set port for -c/-s, default 53\n"
"\t-i <num> Number of en/de-cryption iterations, default 1\n"
"\t-6 En/de-crypt IPv6 addresses, not default or recommended\n");
"\t-6 En/de-crypt IPv6 addresses, not default or recommended\n"
"\t-e Also en/de-crypt EDNS(0) Client Subnet\n"
"\t-E ONLY en/de-crypt EDNS(0) Client Subnet, not IP addresses\n");
}
void ipcrypt_extension(int ext, void* arg)
@ -175,7 +180,7 @@ void ipcrypt_getopt(int* argc, char** argv[])
unsigned long ul;
char* p;
while ((c = getopt(*argc, *argv, "?k:f:Dcsp:i:6")) != EOF) {
while ((c = getopt(*argc, *argv, "?k:f:Dcsp:i:6eE")) != EOF) {
switch (c) {
case 'k':
if (strlen(optarg) != 16) {
@ -226,6 +231,13 @@ void ipcrypt_getopt(int* argc, char** argv[])
case '6':
encrypt_v6 = 1;
break;
case 'e':
if (!edns)
edns = 1;
break;
case 'E':
edns = -1;
break;
case '?':
ipcrypt_usage();
if (!optopt || optopt == '?') {
@ -266,11 +278,55 @@ int ipcrypt_close(my_bpftimeval ts)
return 0;
}
void ecs_callback(int family, u_char* buf, size_t len)
{
switch (family) {
case 1: // IPv4
{
if (len > sizeof(struct in_addr))
break;
struct in_addr in = { INADDR_ANY };
memcpy(&in, buf, len);
decrypt ? _decrypt((uint8_t*)&in) : _encrypt((uint8_t*)&in);
memcpy(buf, &in, len);
break;
}
case 2: // IPv6
if (len > sizeof(struct in6_addr))
break;
if (encrypt_v6) {
struct in6_addr in = IN6ADDR_ANY_INIT;
memcpy(&in, buf, len);
if (decrypt) {
_decrypt((uint8_t*)&in);
_decrypt(((uint8_t*)&in) + 4);
_decrypt(((uint8_t*)&in) + 8);
_decrypt(((uint8_t*)&in) + 12);
} else {
_encrypt((uint8_t*)&in);
_encrypt(((uint8_t*)&in) + 4);
_encrypt(((uint8_t*)&in) + 8);
_encrypt(((uint8_t*)&in) + 12);
}
memcpy(buf, &in, len);
}
break;
default:
break;
}
}
int ipcrypt_filter(const char* descr, iaddr* from, iaddr* to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen)
u_char* pkt_copy, const unsigned olen,
u_char* payload, const unsigned payloadlen)
{
if (edns && flags & DNSCAP_OUTPUT_ISDNS && payload && payloadlen > DNS_MSG_HDR_SZ) {
parse_for_edns0_ecs(payload, payloadlen, ecs_callback);
if (edns < 0)
return 0;
}
for (;;) {
if (only_clients && sport == dns_port) {
if (sport != dport) {

246
plugins/ipcrypt/test1.gold
View file

@ -2142,3 +2142,249 @@ ipcrypt.so usage error: must have -k <key> or -f <file>
ns3.google.com.,IN,A,157794,216.239.36.10 \
ns4.google.com.,IN,A,157794,216.239.38.10
ipcrypt.so usage error: -c and -s options are mutually exclusive
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[122.143.39.9].58541 [132.72.37.15].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[122.143.39.9].58541 [132.72.37.15].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[132.72.37.15].53 [122.143.39.9].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[132.72.37.15].53 [122.143.39.9].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[122.143.39.9].33737 [225.150.52.100].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[225.150.52.100].53 [122.143.39.9].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[122.143.39.9].53174 [132.72.37.15].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[122.143.39.9].53174 [132.72.37.15].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[132.72.37.15].53 [122.143.39.9].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[132.72.37.15].53 [122.143.39.9].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[122.143.39.9].50901 [255.236.91.80].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=250.154.229.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[255.236.91.80].53 [122.143.39.9].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=250.154.229.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[122.143.39.9].35191 [214.180.194.165].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[214.180.194.165].53 [122.143.39.9].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap-dist 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap-dist 4095] \
[172.17.0.6].33737 [198.97.190.53].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap-dist 4095] \
[198.97.190.53].53 [172.17.0.6].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap-dist 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap-dist 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap-dist 4095] \
[172.17.0.6].50901 [192.112.36.4].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=250.154.229.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap-dist 4095] \
[192.112.36.4].53 [172.17.0.6].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=250.154.229.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap-dist 4095] \
[172.17.0.6].35191 [1.1.1.1].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap-dist 4095] \
[1.1.1.1].53 [172.17.0.6].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]

5
plugins/ipcrypt/test1.sh
View file

@ -14,6 +14,11 @@ ln -fs "$srcdir/../../src/test/dns.pcap" dns.pcap-dist
../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -s 2>>test1.out
! ../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -c -s 2>>test1.out
ln -fs "$srcdir/../../src/test/edns.pcap" edns.pcap-dist
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -e 2>>test1.out
../../src/dnscap -r edns.pcap-dist -g -P "$plugin" -k "some 16-byte key" -E 2>>test1.out
osrel=`uname -s`
if [ "$osrel" = "OpenBSD" ]; then
mv test1.out test1.out.old

8
plugins/ipcrypt/test2.sh
View file

@ -19,12 +19,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test2.out.old
fi
# TODO: Remove when #133 is fixed
cat test2.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test2.new
mv test2.new test2.out
diff test2.out "$srcdir/test2.gold"

8
plugins/ipcrypt/test3.sh
View file

@ -21,12 +21,4 @@ if [ "$osrel" = "OpenBSD" ]; then
rm test3.out.old
fi
# TODO: Remove when #133 is fixed
cat test3.out | \
sed 's%,CLASS4096,OPT,%,4096,4096,%' | \
sed 's%,CLASS512,OPT,%,512,512,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=4096,%,4096,4096,0,edns0[len=0,UDP=4096,%' | \
sed 's%,41,41,0,edns0\[len=0,UDP=512,%,512,512,0,edns0[len=0,UDP=512,%' >test3.new
mv test3.new test3.out
diff test3.out "$srcdir/test3.gold"

4
plugins/pcapdump/Makefile.am
View file

@ -1,5 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -12,7 +12,7 @@ pcapdump_la_LDFLAGS = -module -avoid-version
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
CLEANFILES += test1.out* *.pcap-dist
CLEANFILES += test1.out
if ENABLE_GCOV
gcov-local:

15
plugins/pcapdump/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,7 +518,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out* *.pcap-dist
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
@ -803,7 +805,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -858,7 +860,6 @@ test1.sh.log: test1.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

4
plugins/royparse/Makefile.am
View file

@ -1,5 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -13,7 +13,7 @@ royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
CLEANFILES += test1.out* *.pcap-dist
CLEANFILES += test1.out
if ENABLE_GCOV
gcov-local:

15
plugins/royparse/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,7 +518,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out* *.pcap-dist
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
@ -804,7 +806,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -859,7 +861,6 @@ test1.sh.log: test1.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

11
plugins/rssm/Makefile.am
View file

@ -1,6 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = $(srcdir)/hashtbl.c \
hashtbl.c *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -10,8 +9,6 @@ AM_CFLAGS = -I$(srcdir) \
pkglib_LTLIBRARIES = rssm.la
rssm_la_SOURCES = rssm.c
nodist_rssm_la_SOURCES = hashtbl.c
BUILT_SOURCES = hashtbl.c
rssm_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh test2.sh test3.sh test4.sh test5.sh
EXTRA_DIST = $(TESTS) test1.gold test2.gold dnscap-rssm-rssac002.1.in \
@ -29,12 +26,6 @@ gcov-local:
done
endif
hashtbl.c: $(top_srcdir)/src/hashtbl.c
cp $(top_srcdir)/src/hashtbl.c ./
$(srcdir)/hashtbl.c: $(top_srcdir)/src/hashtbl.c
cp $(top_srcdir)/src/hashtbl.c $(srcdir)/
dnscap-rssm-rssac002.1: dnscap-rssm-rssac002.1.in Makefile
sed -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' \
-e 's,[@]PACKAGE_URL[@],$(PACKAGE_URL),g' \

47
plugins/rssm/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -140,8 +140,7 @@ am__installdirs = "$(DESTDIR)$(pkglibdir)" "$(DESTDIR)$(bindir)" \
LTLIBRARIES = $(pkglib_LTLIBRARIES)
rssm_la_LIBADD =
am_rssm_la_OBJECTS = rssm.lo
nodist_rssm_la_OBJECTS = hashtbl.lo
rssm_la_OBJECTS = $(am_rssm_la_OBJECTS) $(nodist_rssm_la_OBJECTS)
rssm_la_OBJECTS = $(am_rssm_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@ -165,7 +164,7 @@ am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/src
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/hashtbl.Plo ./$(DEPDIR)/rssm.Plo
am__depfiles_remade = ./$(DEPDIR)/rssm.Plo
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@ -185,7 +184,7 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
SOURCES = $(rssm_la_SOURCES) $(nodist_rssm_la_SOURCES)
SOURCES = $(rssm_la_SOURCES)
DIST_SOURCES = $(rssm_la_SOURCES)
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
@ -213,8 +212,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -370,6 +367,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -393,7 +391,7 @@ TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
$(TEST_LOG_FLAGS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
$(top_srcdir)/test-driver
$(top_srcdir)/test-driver README.md
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@ -408,6 +406,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -418,6 +418,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -524,7 +525,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = $(srcdir)/hashtbl.c hashtbl.c *.gcda *.gcno *.gcov \
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist \
test1.20161020.152301.075993 test2.out $(man1_MANS) \
test3.20181127.155200.414188 test4.*20161020.152301.075993 \
test5.20180110.112241.543825
@ -536,8 +537,6 @@ AM_CFLAGS = -I$(srcdir) \
pkglib_LTLIBRARIES = rssm.la
rssm_la_SOURCES = rssm.c
nodist_rssm_la_SOURCES = hashtbl.c
BUILT_SOURCES = hashtbl.c
rssm_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh test2.sh test3.sh test4.sh test5.sh
EXTRA_DIST = $(TESTS) test1.gold test2.gold dnscap-rssm-rssac002.1.in \
@ -545,8 +544,7 @@ EXTRA_DIST = $(TESTS) test1.gold test2.gold dnscap-rssm-rssac002.1.in \
dist_bin_SCRIPTS = dnscap-rssm-rssac002
man1_MANS = dnscap-rssm-rssac002.1
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-am
all: all-am
.SUFFIXES:
.SUFFIXES: .c .lo .log .o .obj .test .test$(EXEEXT) .trs
@ -659,7 +657,6 @@ mostlyclean-compile:
distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hashtbl.Plo@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rssm.Plo@am__quote@ # am--include-marker
$(am__depfiles_remade):
@ -899,7 +896,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -982,7 +979,6 @@ test5.sh.log: test5.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
@ -1018,15 +1014,13 @@ distdir-am: $(DISTFILES)
done
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) check-am
check: check-am
all-am: Makefile $(LTLIBRARIES) $(SCRIPTS) $(MANS)
installdirs:
for dir in "$(DESTDIR)$(pkglibdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) install-am
install: install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
@ -1060,7 +1054,6 @@ distclean-generic:
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
@ENABLE_GCOV_FALSE@gcov-local:
clean: clean-am
@ -1069,7 +1062,6 @@ clean-am: clean-generic clean-libtool clean-pkglibLTLIBRARIES \
mostlyclean-am
distclean: distclean-am
-rm -f ./$(DEPDIR)/hashtbl.Plo
-rm -f ./$(DEPDIR)/rssm.Plo
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
@ -1120,7 +1112,6 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -f ./$(DEPDIR)/hashtbl.Plo
-rm -f ./$(DEPDIR)/rssm.Plo
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@ -1143,7 +1134,7 @@ uninstall-am: uninstall-dist_binSCRIPTS uninstall-man \
uninstall-man: uninstall-man1
.MAKE: all check check-am install install-am install-strip
.MAKE: check-am install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-TESTS \
check-am clean clean-generic clean-libtool \
@ -1171,12 +1162,6 @@ uninstall-man: uninstall-man1
@ENABLE_GCOV_TRUE@ gcov -o .libs -l -r -s "$(srcdir)" "$$src"; \
@ENABLE_GCOV_TRUE@ done
hashtbl.c: $(top_srcdir)/src/hashtbl.c
cp $(top_srcdir)/src/hashtbl.c ./
$(srcdir)/hashtbl.c: $(top_srcdir)/src/hashtbl.c
cp $(top_srcdir)/src/hashtbl.c $(srcdir)/
dnscap-rssm-rssac002.1: dnscap-rssm-rssac002.1.in Makefile
sed -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' \
-e 's,[@]PACKAGE_URL[@],$(PACKAGE_URL),g' \

42
plugins/rssm/README.md Normal file
View file

@ -0,0 +1,42 @@
# Root Server Scaling Measurement (RSSM) plugin
This plugin collects data as described by the [RSSAC002v3 specification](https://www.icann.org/en/system/files/files/rssac-002-measurements-root-06jun16-en.pdf)
which has been created by [ICANN Root Server System Advisory Committee](https://www.icann.org/groups/rssac) (RSSAC).
## Additions
As the RSSAC002v3 specification states that measurements should be saved per
24 hours interval, this plugin produces additional metrics that can be used
to compile the 24 hours measurements allowing for variable time between
output generation.
Metric `dnscap-rssm-sources` has a hash entry called `sources` which lists
IP addresses and the number of times they appeared.
Metric `dnscap-rssm-aggregated-sources` has a hash entry called `aggregated-sources`
which lists the aggregated IPv6 addresses by a /64 net and the number of times
it has appeared.
## Merge Tool
The Perl script `dnscap-rssm-rssac002` is included and installed with `dnscap`
and can be used to multiple combine RSSM plugin RSSAC002v3 YAML output files
into one file.
The script will merge and remove metric specific to this plugin and replace
others to fill in correct values for the new time period. The earliest
`start-period` found will be used for all metrics.
**NOTE** no parsing of `start-period` is performed, it is up to the operator
to only give input files related to the same 24 hour period.
Options:
- `--no-recompile`: Disabled the combining of metrics and the removal of
metrics specific to this plugin
- `--keep-dnscap-rssm`: Do the combining but keep the metrics specific to
this plugin
- `--sort`: Output will always start with `version:`, `service:`,
`start-period:` and `metric:`, rest of the values are not ordered by label.
This option enabled sorting of them, which is not required by the
specification but may help in debugging and testing cases.
- `--skip-unsupported`: Skip unsupported RSSAC002 version metrics

2
plugins/rssm/rssm.c
View file

@ -60,7 +60,7 @@
#include "dnscap_common.h"
#include "hashtbl.h"
#include "hashtbl.c"
static logerr_t* logerr;
static my_bpftimeval open_ts;

3
plugins/rzkeychange/Makefile.am
View file

@ -1,5 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -13,7 +13,6 @@ rzkeychange_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
CLEANFILES += *.pcap-dist
if ENABLE_GCOV
gcov-local:

13
plugins/rzkeychange/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -206,8 +206,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -363,6 +361,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -401,6 +400,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -411,6 +412,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -805,7 +807,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -860,7 +862,6 @@ test1.sh.log: test1.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

222
plugins/shared/edns0_ecs.c Normal file
View file

@ -0,0 +1,222 @@
/*
* Copyright (c) 2018-2023, OARC, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. Neither the name of the copyright holder nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#define DNS_MSG_HDR_SZ 12
#define RFC1035_MAXLABELSZ 63
#define nptohs(p) ((((uint8_t*)(p))[0] << 8) | ((uint8_t*)(p))[1])
static int rfc1035NameSkip(const u_char* buf, size_t sz, off_t* off)
{
unsigned char c;
size_t len;
/*
* loop_detect[] tracks which position in the DNS message it has
* jumped to so it can't jump to the same twice, aka loop
*/
static unsigned char loop_detect[0x3FFF] = { 0 };
do {
if ((*off) >= sz)
break;
c = *(buf + (*off));
if (c > 191) {
/* blasted compression */
int rc;
unsigned short s;
off_t ptr, loop_ptr;
s = nptohs(buf + (*off));
(*off) += sizeof(s);
/* Sanity check */
if ((*off) >= sz)
return 1; /* message too short */
ptr = s & 0x3FFF;
/* Make sure the pointer is inside this message */
if (ptr >= sz)
return 2; /* bad compression ptr */
if (ptr < DNS_MSG_HDR_SZ)
return 2; /* bad compression ptr */
if (loop_detect[ptr])
return 4; /* compression loop */
loop_detect[(loop_ptr = ptr)] = 1;
rc = rfc1035NameSkip(buf, sz, &ptr);
loop_detect[loop_ptr] = 0;
return rc;
} else if (c > RFC1035_MAXLABELSZ) {
/*
* "(The 10 and 01 combinations are reserved for future use.)"
*/
return 3; /* reserved label/compression flags */
} else {
(*off)++;
len = (size_t)c;
if (len == 0)
break;
if ((*off) + len > sz)
return 4; /* message is too short */
(*off) += len;
}
} while (c > 0);
return 0;
}
static off_t skip_question(const u_char* buf, int len, off_t offset)
{
if (rfc1035NameSkip(buf, len, &offset))
return 0;
if (offset + 4 > len)
return 0;
offset += 4;
return offset;
}
static off_t skip_rr(const u_char* buf, int len, off_t offset)
{
if (rfc1035NameSkip(buf, len, &offset))
return 0;
if (offset + 10 > len)
return 0;
unsigned short us = nptohs(buf + offset + 8);
offset += 10;
if (offset + us > len)
return 0;
offset += us;
return offset;
}
#define EDNS0_TYPE_ECS 8
typedef void (*edns0_ecs_cb)(int family, u_char* buf, size_t len);
static void process_edns0_options(u_char* buf, int len, edns0_ecs_cb cb)
{
unsigned short edns0_type;
unsigned short edns0_len;
off_t offset = 0;
while (len >= 4) {
edns0_type = nptohs(buf + offset);
edns0_len = nptohs(buf + offset + 2);
if (len < 4 + edns0_len)
break;
if (edns0_type == EDNS0_TYPE_ECS) {
if (edns0_len < 5)
break;
if (cb)
cb(nptohs(buf + offset + 4), buf + offset + 8, edns0_len - 4);
}
offset += 4 + edns0_len;
len -= 4 + edns0_len;
}
}
#define T_OPT 41
static off_t grok_additional_for_opt_rr(u_char* buf, int len, off_t offset, edns0_ecs_cb cb)
{
unsigned short us;
/*
* OPT RR for EDNS0 MUST be 0 (root domain), so if the first byte of
* the name is anything it can't be a valid EDNS0 record.
*/
if (*(buf + offset)) {
if (rfc1035NameSkip(buf, len, &offset))
return 0;
if (offset + 10 > len)
return 0;
} else {
offset++;
if (offset + 10 > len)
return 0;
if (nptohs(buf + offset) == T_OPT) {
u_char version = *(buf + offset + 5);
us = nptohs(buf + offset + 8); // rd len
offset += 10;
if (offset + us > len)
return 0;
if (!version && us > 0)
process_edns0_options(buf + offset, us, cb);
offset += us;
return offset;
}
}
/* get rdlength */
us = nptohs(buf + offset + 8);
offset += 10;
if (offset + us > len)
return 0;
offset += us;
return offset;
}
static void parse_for_edns0_ecs(u_char* payload, size_t payloadlen, edns0_ecs_cb cb)
{
off_t offset;
int qdcount, ancount, nscount, arcount;
qdcount = nptohs(payload + 4);
ancount = nptohs(payload + 6);
nscount = nptohs(payload + 8);
arcount = nptohs(payload + 10);
offset = DNS_MSG_HDR_SZ;
while (qdcount > 0 && offset < payloadlen) {
if (!(offset = skip_question(payload, payloadlen, offset))) {
return;
}
qdcount--;
}
while (ancount > 0 && offset < payloadlen) {
if (!(offset = skip_rr(payload, payloadlen, offset))) {
return;
}
ancount--;
}
while (nscount > 0 && offset < payloadlen) {
if (!(offset = skip_rr(payload, payloadlen, offset))) {
return;
}
nscount--;
}
while (arcount > 0 && offset < payloadlen) {
if (!(offset = grok_additional_for_opt_rr(payload, payloadlen, offset, cb))) {
return;
}
arcount--;
}
}

3
plugins/template/Makefile.am
View file

@ -1,5 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -12,7 +12,6 @@ template_la_LDFLAGS = -module -avoid-version
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
CLEANFILES += *.pcap-dist
if ENABLE_GCOV
gcov-local:

4
plugins/txtout/Makefile.am
View file

@ -1,5 +1,5 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
@ -12,7 +12,7 @@ txtout_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
CLEANFILES += test1.out *.pcap-dist
CLEANFILES += test1.out
if ENABLE_GCOV
gcov-local:

15
plugins/txtout/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -205,8 +205,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
@ -362,6 +360,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -400,6 +399,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -410,6 +411,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -516,7 +518,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov test1.out *.pcap-dist
CLEANFILES = *.gcda *.gcno *.gcov *.pcap-dist test1.out
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
@ -803,7 +805,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -858,7 +860,6 @@ test1.sh.log: test1.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am

3
src/Makefile.am
View file

@ -17,7 +17,8 @@ bin_PROGRAMS = dnscap
dnscap_SOURCES = args.c assert.c bpft.c daemon.c dnscap.c dump_cbor.c \
dump_cds.c dump_dns.c dumper.c endpoint.c hashtbl.c iaddr.c log.c \
network.c options.c pcaps.c sig.c tcpstate.c tcpreasm.c memzero.c \
pcap-thread/pcap_thread.c pcap-thread/pcap_thread_ext_frag.c
pcap-thread/pcap_thread.c pcap-thread/pcap_thread_ext_frag.c \
ext/lookup3.c
dist_dnscap_SOURCES = args.h bpft.h daemon.h dnscap_common.h dnscap.h \
dump_cbor.h dump_cds.h dump_dns.h dumper.h endpoint.h hashtbl.h iaddr.h \
log.h network.h options.h pcaps.h sig.h tcpstate.h tcpreasm.h memzero.h \

36
src/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -118,7 +118,8 @@ am_dnscap_OBJECTS = args.$(OBJEXT) assert.$(OBJEXT) bpft.$(OBJEXT) \
pcaps.$(OBJEXT) sig.$(OBJEXT) tcpstate.$(OBJEXT) \
tcpreasm.$(OBJEXT) memzero.$(OBJEXT) \
pcap-thread/pcap_thread.$(OBJEXT) \
pcap-thread/pcap_thread_ext_frag.$(OBJEXT)
pcap-thread/pcap_thread_ext_frag.$(OBJEXT) \
ext/lookup3.$(OBJEXT)
dist_dnscap_OBJECTS =
dnscap_OBJECTS = $(am_dnscap_OBJECTS) $(dist_dnscap_OBJECTS)
am__DEPENDENCIES_1 =
@ -152,7 +153,7 @@ am__depfiles_remade = ./$(DEPDIR)/args.Po ./$(DEPDIR)/assert.Po \
./$(DEPDIR)/memzero.Po ./$(DEPDIR)/network.Po \
./$(DEPDIR)/options.Po ./$(DEPDIR)/pcaps.Po ./$(DEPDIR)/sig.Po \
./$(DEPDIR)/tcpreasm.Po ./$(DEPDIR)/tcpstate.Po \
pcap-thread/$(DEPDIR)/pcap_thread.Po \
ext/$(DEPDIR)/lookup3.Po pcap-thread/$(DEPDIR)/pcap_thread.Po \
pcap-thread/$(DEPDIR)/pcap_thread_ext_frag.Po
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -227,8 +228,8 @@ am__recursive_targets = \
AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
distdir distdir-am
am__extra_recursive_targets = gcov-recursive
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \
$(LISP)config.h.in
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \
config.h.in
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
# *not* preserved.
@ -245,8 +246,6 @@ am__define_uniq_tagged_files = \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \
$(top_srcdir)/depcomp
@ -289,6 +288,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -299,6 +300,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -418,7 +420,8 @@ EXTRA_DIST = dnscap.1.in
dnscap_SOURCES = args.c assert.c bpft.c daemon.c dnscap.c dump_cbor.c \
dump_cds.c dump_dns.c dumper.c endpoint.c hashtbl.c iaddr.c log.c \
network.c options.c pcaps.c sig.c tcpstate.c tcpreasm.c memzero.c \
pcap-thread/pcap_thread.c pcap-thread/pcap_thread_ext_frag.c
pcap-thread/pcap_thread.c pcap-thread/pcap_thread_ext_frag.c \
ext/lookup3.c
dist_dnscap_SOURCES = args.h bpft.h daemon.h dnscap_common.h dnscap.h \
dump_cbor.h dump_cds.h dump_dns.h dumper.h endpoint.h hashtbl.h iaddr.h \
@ -537,6 +540,14 @@ pcap-thread/pcap_thread.$(OBJEXT): pcap-thread/$(am__dirstamp) \
pcap-thread/pcap_thread_ext_frag.$(OBJEXT): \
pcap-thread/$(am__dirstamp) \
pcap-thread/$(DEPDIR)/$(am__dirstamp)
ext/$(am__dirstamp):
@$(MKDIR_P) ext
@: > ext/$(am__dirstamp)
ext/$(DEPDIR)/$(am__dirstamp):
@$(MKDIR_P) ext/$(DEPDIR)
@: > ext/$(DEPDIR)/$(am__dirstamp)
ext/lookup3.$(OBJEXT): ext/$(am__dirstamp) \
ext/$(DEPDIR)/$(am__dirstamp)
dnscap$(EXEEXT): $(dnscap_OBJECTS) $(dnscap_DEPENDENCIES) $(EXTRA_dnscap_DEPENDENCIES)
@rm -f dnscap$(EXEEXT)
@ -544,6 +555,7 @@ dnscap$(EXEEXT): $(dnscap_OBJECTS) $(dnscap_DEPENDENCIES) $(EXTRA_dnscap_DEPENDE
mostlyclean-compile:
-rm -f *.$(OBJEXT)
-rm -f ext/*.$(OBJEXT)
-rm -f pcap-thread/*.$(OBJEXT)
distclean-compile:
@ -569,6 +581,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sig.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcpreasm.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcpstate.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@ext/$(DEPDIR)/lookup3.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@pcap-thread/$(DEPDIR)/pcap_thread.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@pcap-thread/$(DEPDIR)/pcap_thread_ext_frag.Po@am__quote@ # am--include-marker
@ -748,7 +761,6 @@ cscopelist-am: $(am__tagged_files)
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
@ -842,6 +854,8 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
-rm -f ext/$(DEPDIR)/$(am__dirstamp)
-rm -f ext/$(am__dirstamp)
-rm -f pcap-thread/$(DEPDIR)/$(am__dirstamp)
-rm -f pcap-thread/$(am__dirstamp)
@ -875,6 +889,7 @@ distclean: distclean-recursive
-rm -f ./$(DEPDIR)/sig.Po
-rm -f ./$(DEPDIR)/tcpreasm.Po
-rm -f ./$(DEPDIR)/tcpstate.Po
-rm -f ext/$(DEPDIR)/lookup3.Po
-rm -f pcap-thread/$(DEPDIR)/pcap_thread.Po
-rm -f pcap-thread/$(DEPDIR)/pcap_thread_ext_frag.Po
-rm -f Makefile
@ -946,6 +961,7 @@ maintainer-clean: maintainer-clean-recursive
-rm -f ./$(DEPDIR)/sig.Po
-rm -f ./$(DEPDIR)/tcpreasm.Po
-rm -f ./$(DEPDIR)/tcpstate.Po
-rm -f ext/$(DEPDIR)/lookup3.Po
-rm -f pcap-thread/$(DEPDIR)/pcap_thread.Po
-rm -f pcap-thread/$(DEPDIR)/pcap_thread_ext_frag.Po
-rm -f Makefile

13
src/config.h.in
View file

@ -81,9 +81,6 @@
/* Define to 1 if you have the <machine/endian.h> header file. */
#undef HAVE_MACHINE_ENDIAN_H
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the <netdb.h> header file. */
#undef HAVE_NETDB_H
@ -163,6 +160,9 @@
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdio.h> header file. */
#undef HAVE_STDIO_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
@ -230,10 +230,13 @@
your system. */
#undef PTHREAD_CREATE_JOINABLE
/* Define to 1 if you have the ANSI C header files. */
/* Define to 1 if all of the C90 standard headers exist (not just the ones
required in a freestanding environment). This macro is provided for
backward compatibility; new code need not use it. */
#undef STDC_HEADERS
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. This
macro is obsolete. */
#undef TIME_WITH_SYS_TIME
/* Define this to enable Linux seccomp-bpf sandbox. */

10
src/dnscap.h
View file

@ -297,9 +297,19 @@ struct tcpreasm {
size_t bfb_at;
};
struct tcpstate_key {
iaddr* saddr;
iaddr* daddr;
unsigned sport;
unsigned dport;
};
typedef struct tcpstate_key tcpstate_key;
struct tcpstate {
LINK(struct tcpstate)
link;
tcpstate_key key;
iaddr saddr;
iaddr daddr;
uint16_t sport;

8
src/dnscap_common.h
View file

@ -116,10 +116,10 @@ typedef int filter_t(const char* descr,
unsigned sport,
unsigned dport,
my_bpftimeval ts,
const u_char* pkt_copy,
const unsigned olen,
const u_char* payload,
const unsigned payloadlen);
u_char* pkt_copy,
unsigned olen,
u_char* payload,
unsigned payloadlen);
/*
* Extensions

4
src/dumper.c
View file

@ -44,8 +44,8 @@
*/
void output(const char* descr, iaddr from, iaddr to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen)
u_char* pkt_copy, const unsigned olen,
u_char* payload, const unsigned payloadlen)
{
struct plugin* p;

4
src/dumper.h
View file

@ -39,8 +39,8 @@
void output(const char* descr, iaddr from, iaddr to, uint8_t proto, unsigned flags,
unsigned sport, unsigned dport, my_bpftimeval ts,
const u_char* pkt_copy, const unsigned olen,
const u_char* payload, const unsigned payloadlen);
u_char* pkt_copy, const unsigned olen,
u_char* payload, const unsigned payloadlen);
int dumper_open(my_bpftimeval ts);
int dumper_close(my_bpftimeval ts);

1235
src/ext/lookup3.c Normal file
View file

File diff suppressed because it is too large Load diff

9
src/hashtbl.h
View file

@ -67,4 +67,13 @@ void hash_remove(const void* key, hashtbl* tbl);
void hash_free(hashtbl* tbl);
void hash_destroy(hashtbl* tbl);
/*
* found in lookup3.c
*/
#include <stddef.h>
#include <stdint.h>
extern uint32_t hashlittle(const void* key, size_t length, uint32_t initval);
extern uint32_t hashbig(const void* key, size_t length, uint32_t initval);
extern uint32_t hashword(const uint32_t* k, size_t length, uint32_t initval);
#endif // __dnscap_hashtbl_h

13
src/iaddr.c
View file

@ -66,3 +66,16 @@ int ia_equal(iaddr x, iaddr y)
}
return FALSE;
}
int ia_equalp(iaddr* x, iaddr* y)
{
if (x->af != y->af)
return FALSE;
switch (x->af) {
case AF_INET:
return (x->u.a4.s_addr == y->u.a4.s_addr);
case AF_INET6:
return (memcmp(&x->u.a6.s6_addr, &y->u.a6.s6_addr, sizeof(x->u.a6.s6_addr)) == 0);
}
return FALSE;
}

1
src/iaddr.h
View file

@ -39,5 +39,6 @@
const char* ia_str(iaddr ia);
int ia_equal(iaddr x, iaddr y);
int ia_equalp(iaddr* x, iaddr* y);
#endif /* __dnscap_iaddr_h */

26
src/network.c
View file

@ -610,7 +610,7 @@ _filter_by_qname(const ldns_pkt* lpkt, char** reason)
void network_pkt2(const char* descr, my_bpftimeval ts, const pcap_thread_packet_t* packet, const u_char* payload, size_t length)
{
u_char pkt_copy[SNAPLEN], *pkt = pkt_copy;
const u_char* dnspkt = 0;
u_char* dnspkt = 0;
unsigned proto, sport, dport;
iaddr from, to, initiator, responder;
int response, m;
@ -664,8 +664,8 @@ void network_pkt2(const char* descr, my_bpftimeval ts, const pcap_thread_packet_
proto = IPPROTO_UDP;
sport = packet->udphdr.uh_sport;
dport = packet->udphdr.uh_dport;
dnspkt = payload;
dnslen = length;
dnspkt = pkt;
dnslen = len;
flags |= DNSCAP_OUTPUT_ISDNS;
} else if (packet->have_tcphdr) {
uint32_t seq = packet->tcphdr.th_seq;
@ -730,14 +730,7 @@ void network_pkt2(const char* descr, my_bpftimeval ts, const pcap_thread_packet_
_curr_tcpstate = 0;
/* End of stream; deallocate the tcpstate. */
if (tcpstate) {
UNLINK(tcpstates, tcpstate, link);
if (tcpstate->reasm) {
tcpreasm_free(tcpstate->reasm);
}
free(tcpstate);
tcpstate_count--;
}
tcpstate_free(tcpstate);
return;
}
if (packet->tcphdr.th_flags & TH_SYN) {
@ -1084,7 +1077,7 @@ void network_pkt(const char* descr, my_bpftimeval ts, unsigned pf,
const u_char* opkt, size_t olen)
{
u_char pkt_copy[SNAPLEN], *pkt = pkt_copy;
const u_char* dnspkt = 0;
u_char* dnspkt = 0;
unsigned proto, sport, dport;
iaddr from, to, initiator, responder;
struct ip6_hdr* ipv6;
@ -1314,14 +1307,7 @@ void network_pkt(const char* descr, my_bpftimeval ts, unsigned pf,
pkt_copy, olen, NULL, 0);
_curr_tcpstate = 0;
/* End of stream; deallocate the tcpstate. */
if (tcpstate) {
UNLINK(tcpstates, tcpstate, link);
if (tcpstate->reasm) {
tcpreasm_free(tcpstate->reasm);
}
free(tcpstate);
tcpstate_count--;
}
tcpstate_free(tcpstate);
goto network_pkt_end;
}
if (tcp->th_flags & TH_SYN) {

84
src/tcpstate.c
View file

@ -38,11 +38,18 @@
#include "iaddr.h"
#include "log.h"
#include "tcpreasm.h"
#include "hashtbl.h"
#ifndef s6_addr32
#define s6_addr32 __u6_addr.__u6_addr32
#endif
#define MAX_TCP_IDLE_TIME 600
#define MAX_TCP_IDLE_COUNT 4096
#define TCP_GC_TIME 60
static hashtbl* _hash = 0;
tcpstate_ptr tcpstate_find(iaddr from, iaddr to, unsigned sport, unsigned dport, time_t t)
{
static time_t next_gc = 0;
@ -59,12 +66,15 @@ tcpstate_ptr tcpstate_find(iaddr from, iaddr to, unsigned sport, unsigned dport,
}
#endif
for (tcpstate = HEAD(tcpstates);
tcpstate != NULL;
tcpstate = NEXT(tcpstate, link)) {
if (ia_equal(tcpstate->saddr, from) && ia_equal(tcpstate->daddr, to) && tcpstate->sport == sport && tcpstate->dport == dport)
break;
}
tcpstate_key key = {
.saddr = &from,
.daddr = &to,
.sport = sport,
.dport = dport
};
tcpstate = hash_find(&key, _hash);
if (tcpstate != NULL) {
tcpstate->last_use = t;
if (tcpstate != HEAD(tcpstates)) {
@ -77,10 +87,47 @@ tcpstate_ptr tcpstate_find(iaddr from, iaddr to, unsigned sport, unsigned dport,
return tcpstate;
}
unsigned int tcpstate_hash(const tcpstate_key* key)
{
uint32_t h = 0;
switch (key->saddr->af) {
case AF_INET:
h = hashword(&key->saddr->u.a4.s_addr, 1, h);
break;
case AF_INET6:
h = hashword(key->saddr->u.a6.s6_addr32, 4, h);
break;
}
switch (key->daddr->af) {
case AF_INET:
h = hashword(&key->daddr->u.a4.s_addr, 1, h);
break;
case AF_INET6:
h = hashword(key->daddr->u.a6.s6_addr32, 4, h);
break;
}
uint32_t p = (key->sport << 16) | (key->dport & 0xffff);
return hashword(&p, 1, h);
}
int tcpstate_cmp(const tcpstate_key* a, const tcpstate_key* b)
{
if (ia_equalp(a->saddr, b->saddr) && ia_equalp(a->daddr, b->daddr) && a->sport == b->sport && a->dport == b->dport)
return 0;
return 1;
}
tcpstate_ptr _curr_tcpstate = 0;
tcpstate_ptr tcpstate_new(iaddr from, iaddr to, unsigned sport, unsigned dport)
{
if (!_hash) {
_hash = hash_create(65535, (hashkey_func)tcpstate_hash, (hashkeycmp_func)tcpstate_cmp, 0);
assert(_hash);
}
tcpstate_ptr tcpstate = calloc(1, sizeof *tcpstate);
if (tcpstate == NULL) {
/* Out of memory; recycle the least recently used */
@ -95,6 +142,7 @@ tcpstate_ptr tcpstate_new(iaddr from, iaddr to, unsigned sport, unsigned dport)
if (_curr_tcpstate == tcpstate) {
_curr_tcpstate = 0;
}
hash_remove(&tcpstate->key, _hash);
memset(tcpstate, 0, sizeof(*tcpstate));
} else {
tcpstate_count++;
@ -105,6 +153,13 @@ tcpstate_ptr tcpstate_new(iaddr from, iaddr to, unsigned sport, unsigned dport)
tcpstate->dport = dport;
INIT_LINK(tcpstate, link);
PREPEND(tcpstates, tcpstate, link);
tcpstate->key.saddr = &tcpstate->saddr;
tcpstate->key.daddr = &tcpstate->daddr;
tcpstate->key.sport = sport;
tcpstate->key.dport = dport;
hash_add(&tcpstate->key, tcpstate, _hash);
return tcpstate;
}
@ -124,6 +179,7 @@ void tcpstate_discard(tcpstate_ptr tcpstate, const char* msg)
if (tcpstate->reasm) {
tcpreasm_free(tcpstate->reasm);
}
hash_remove(&tcpstate->key, _hash);
free(tcpstate);
if (_curr_tcpstate == tcpstate) {
_curr_tcpstate = 0;
@ -149,3 +205,19 @@ void tcpstate_reset(tcpstate_ptr tcpstate, const char* msg)
}
}
}
void tcpstate_free(tcpstate_ptr tcpstate)
{
if (tcpstate) {
UNLINK(tcpstates, tcpstate, link);
if (tcpstate->reasm) {
tcpreasm_free(tcpstate->reasm);
}
hash_remove(&tcpstate->key, _hash);
free(tcpstate);
if (_curr_tcpstate == tcpstate) {
_curr_tcpstate = 0;
}
tcpstate_count--;
}
}

1
src/tcpstate.h
View file

@ -42,5 +42,6 @@ tcpstate_ptr tcpstate_new(iaddr from, iaddr to, unsigned sport, unsigned dport);
void tcpstate_discard(tcpstate_ptr tcpstate, const char* msg);
tcpstate_ptr tcpstate_getcurr(void);
void tcpstate_reset(tcpstate_ptr tcpstate, const char* msg);
void tcpstate_free(tcpstate_ptr tcpstate);
#endif /* __dnscap_tcpstate_h */

46
src/test/Makefile.am
View file

@ -1,10 +1,9 @@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = test*.log test*.trs \
*.pcap-dist \
dns.out \
no-layers.out layers.out \
frags.out \
frags.out frags.gold \
padding-no-layers.out padding-layers.out \
vlan11.out \
dnspad.out \
@ -16,46 +15,12 @@ CLEANFILES = test*.log test*.trs \
test12.out test12.20161020.152301.075993.gz \
test13.out \
test14.out \
test_regex_match.out
test_regex_match.out \
edns.out
TESTS = test1.sh test2.sh test3.sh test4.sh test5.sh test6.sh test7.sh \
test8.sh test9.sh test10.sh test11.sh test12.sh test13.sh test14.sh \
test_regex_match.sh
test1.sh: dns.pcap-dist
test2.sh: dns.pcap-dist
test3.sh: frags.pcap-dist
test4.sh: 1qtcppadd.pcap-dist
test5.sh: vlan11.pcap-dist
test6.sh: dnspad.pcap-dist
test7.sh: 1qtcpnosyn.pcap-dist dnso1tcp.pcap-dist \
do1t-nosyn-1nolen.pcap-dist dnso1tcp-midmiss.pcap-dist
test8.sh: dnsotcp-many1pkt.pcap-dist dnsotcp-manyopkts.pcap-dist \
dnso1tcp-bighole.pcap-dist
test9.sh: dns.pcap-dist
test10.sh: dns6.pcap-dist
test11.sh: dns.pcap-dist
test12.sh: dns.pcap-dist
test13.sh: dns.pcap-dist
test14.sh: dns.pcap-dist
test_regex_match.sh: dns.pcap-dist
.pcap.pcap-dist:
cp "$<" "$@"
test_regex_match.sh test_edns.sh
EXTRA_DIST = $(TESTS) \
dns.gold dns.pcap \
@ -70,4 +35,5 @@ EXTRA_DIST = $(TESTS) \
test9.gold \
dns6.pcap test10.gold \
test14.gold \
test_regex_match.gold
test_regex_match.gold \
edns.pcap edns.gold

66
src/test/Makefile.in
View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am.
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -308,6 +308,7 @@ am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
@ -345,6 +346,8 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
@ -355,6 +358,7 @@ ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
GREP = @GREP@
@ -462,10 +466,9 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = test*.log test*.trs \
*.pcap-dist \
dns.out \
no-layers.out layers.out \
frags.out \
frags.out frags.gold \
padding-no-layers.out padding-layers.out \
vlan11.out \
dnspad.out \
@ -477,11 +480,12 @@ CLEANFILES = test*.log test*.trs \
test12.out test12.20161020.152301.075993.gz \
test13.out \
test14.out \
test_regex_match.out
test_regex_match.out \
edns.out
TESTS = test1.sh test2.sh test3.sh test4.sh test5.sh test6.sh test7.sh \
test8.sh test9.sh test10.sh test11.sh test12.sh test13.sh test14.sh \
test_regex_match.sh
test_regex_match.sh test_edns.sh
EXTRA_DIST = $(TESTS) \
dns.gold dns.pcap \
@ -496,12 +500,13 @@ EXTRA_DIST = $(TESTS) \
test9.gold \
dns6.pcap test10.gold \
test14.gold \
test_regex_match.gold
test_regex_match.gold \
edns.pcap edns.gold
all: all-am
.SUFFIXES:
.SUFFIXES: .log .pcap .pcap-dist .test .test$(EXEEXT) .trs
.SUFFIXES: .log .test .test$(EXEEXT) .trs
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
@ -652,7 +657,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
@ -791,6 +796,13 @@ test_regex_match.sh.log: test_regex_match.sh
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test_edns.sh.log: test_edns.sh
@p='test_edns.sh'; \
b='test_edns.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
.test.log:
@p='$<'; \
$(am__set_b); \
@ -805,7 +817,6 @@ test_regex_match.sh.log: test_regex_match.sh
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
@ -967,41 +978,6 @@ uninstall-am:
.PRECIOUS: Makefile
test1.sh: dns.pcap-dist
test2.sh: dns.pcap-dist
test3.sh: frags.pcap-dist
test4.sh: 1qtcppadd.pcap-dist
test5.sh: vlan11.pcap-dist
test6.sh: dnspad.pcap-dist
test7.sh: 1qtcpnosyn.pcap-dist dnso1tcp.pcap-dist \
do1t-nosyn-1nolen.pcap-dist dnso1tcp-midmiss.pcap-dist
test8.sh: dnsotcp-many1pkt.pcap-dist dnsotcp-manyopkts.pcap-dist \
dnso1tcp-bighole.pcap-dist
test9.sh: dns.pcap-dist
test10.sh: dns6.pcap-dist
test11.sh: dns.pcap-dist
test12.sh: dns.pcap-dist
test13.sh: dns.pcap-dist
test14.sh: dns.pcap-dist
test_regex_match.sh: dns.pcap-dist
.pcap.pcap-dist:
cp "$<" "$@"
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

164
src/test/dns.gold
View file

@ -1,8 +1,8 @@
[56] 2016-10-20 15:23:01.075993 [#0 dns.pcap-dist 4095] \
[56] 2016-10-20 15:23:01.075993 [#0 dns.pcap 4095] \
[172.17.0.10].53199 [8.8.8.8].53 \
dns QUERY,NOERROR,59311,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:23:01.077982 [#1 dns.pcap-dist 4095] \
[208] 2016-10-20 15:23:01.077982 [#1 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].53199 \
dns QUERY,NOERROR,59311,qr|rd|ra \
1 google.com.,IN,A \
@ -15,11 +15,11 @@
ns1.google.com.,IN,A,331882,216.239.32.10 \
ns3.google.com.,IN,A,157880,216.239.36.10 \
ns4.google.com.,IN,A,157880,216.239.38.10
[73] 2016-10-20 15:23:01.082865 [#2 dns.pcap-dist 4095] \
[73] 2016-10-20 15:23:01.082865 [#2 dns.pcap 4095] \
[172.17.0.10].57822 [8.8.8.8].53 \
dns QUERY,NOERROR,35665,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:23:01.084107 [#3 dns.pcap-dist 4095] \
[289] 2016-10-20 15:23:01.084107 [#3 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].57822 \
dns QUERY,NOERROR,35665,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -33,11 +33,11 @@
ns3.google.com.,IN,A,157880,216.239.36.10 \
ns4.google.com.,IN,A,157880,216.239.38.10 \
ns2.google.com.,IN,A,157880,216.239.34.10
[56] 2016-10-20 15:23:01.087291 [#4 dns.pcap-dist 4095] \
[56] 2016-10-20 15:23:01.087291 [#4 dns.pcap 4095] \
[172.17.0.10].40043 [8.8.8.8].53 \
dns QUERY,NOERROR,5337,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:23:01.088733 [#5 dns.pcap-dist 4095] \
[208] 2016-10-20 15:23:01.088733 [#5 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].40043 \
dns QUERY,NOERROR,5337,qr|rd|ra \
1 google.com.,IN,A \
@ -50,11 +50,11 @@
ns1.google.com.,IN,A,331882,216.239.32.10 \
ns3.google.com.,IN,A,157880,216.239.36.10 \
ns4.google.com.,IN,A,157880,216.239.38.10
[56] 2016-10-20 15:23:10.322117 [#6 dns.pcap-dist 4095] \
[56] 2016-10-20 15:23:10.322117 [#6 dns.pcap 4095] \
[172.17.0.10].37953 [8.8.8.8].53 \
dns QUERY,NOERROR,22982,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:23:10.323399 [#7 dns.pcap-dist 4095] \
[208] 2016-10-20 15:23:10.323399 [#7 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].37953 \
dns QUERY,NOERROR,22982,qr|rd|ra \
1 google.com.,IN,A \
@ -67,11 +67,11 @@
ns1.google.com.,IN,A,331872,216.239.32.10 \
ns3.google.com.,IN,A,157870,216.239.36.10 \
ns4.google.com.,IN,A,157870,216.239.38.10
[73] 2016-10-20 15:23:10.328324 [#8 dns.pcap-dist 4095] \
[73] 2016-10-20 15:23:10.328324 [#8 dns.pcap 4095] \
[172.17.0.10].48658 [8.8.8.8].53 \
dns QUERY,NOERROR,18718,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:23:10.329572 [#9 dns.pcap-dist 4095] \
[289] 2016-10-20 15:23:10.329572 [#9 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].48658 \
dns QUERY,NOERROR,18718,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -85,11 +85,11 @@
ns3.google.com.,IN,A,157870,216.239.36.10 \
ns4.google.com.,IN,A,157870,216.239.38.10 \
ns2.google.com.,IN,A,157870,216.239.34.10
[56] 2016-10-20 15:23:52.860937 [#10 dns.pcap-dist 4095] \
[56] 2016-10-20 15:23:52.860937 [#10 dns.pcap 4095] \
[172.17.0.10].40953 [8.8.8.8].53 \
dns QUERY,NOERROR,22531,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:23:52.863771 [#11 dns.pcap-dist 4095] \
[208] 2016-10-20 15:23:52.863771 [#11 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].40953 \
dns QUERY,NOERROR,22531,qr|rd|ra \
1 google.com.,IN,A \
@ -102,11 +102,11 @@
ns1.google.com.,IN,A,331830,216.239.32.10 \
ns3.google.com.,IN,A,157828,216.239.36.10 \
ns4.google.com.,IN,A,157828,216.239.38.10
[56] 2016-10-20 15:23:59.083869 [#12 dns.pcap-dist 4095] \
[56] 2016-10-20 15:23:59.083869 [#12 dns.pcap 4095] \
[172.17.0.10].45174 [8.8.8.8].53 \
dns QUERY,NOERROR,58510,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:23:59.086104 [#13 dns.pcap-dist 4095] \
[208] 2016-10-20 15:23:59.086104 [#13 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].45174 \
dns QUERY,NOERROR,58510,qr|rd|ra \
1 google.com.,IN,A \
@ -119,11 +119,11 @@
ns1.google.com.,IN,A,331824,216.239.32.10 \
ns3.google.com.,IN,A,157822,216.239.36.10 \
ns4.google.com.,IN,A,157822,216.239.38.10
[73] 2016-10-20 15:23:59.090911 [#14 dns.pcap-dist 4095] \
[73] 2016-10-20 15:23:59.090911 [#14 dns.pcap 4095] \
[172.17.0.10].33916 [8.8.8.8].53 \
dns QUERY,NOERROR,45248,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:23:59.092204 [#15 dns.pcap-dist 4095] \
[289] 2016-10-20 15:23:59.092204 [#15 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].33916 \
dns QUERY,NOERROR,45248,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -137,11 +137,11 @@
ns3.google.com.,IN,A,157822,216.239.36.10 \
ns4.google.com.,IN,A,157822,216.239.38.10 \
ns2.google.com.,IN,A,157822,216.239.34.10
[56] 2016-10-20 15:24:04.323868 [#16 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:04.323868 [#16 dns.pcap 4095] \
[172.17.0.10].43559 [8.8.8.8].53 \
dns QUERY,NOERROR,49483,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:04.325597 [#17 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:04.325597 [#17 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].43559 \
dns QUERY,NOERROR,49483,qr|rd|ra \
1 google.com.,IN,A \
@ -154,11 +154,11 @@
ns1.google.com.,IN,A,331818,216.239.32.10 \
ns3.google.com.,IN,A,157816,216.239.36.10 \
ns4.google.com.,IN,A,157816,216.239.38.10
[56] 2016-10-20 15:24:06.332239 [#18 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:06.332239 [#18 dns.pcap 4095] \
[172.17.0.10].54859 [8.8.8.8].53 \
dns QUERY,NOERROR,31669,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:06.333743 [#19 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:06.333743 [#19 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].54859 \
dns QUERY,NOERROR,31669,qr|rd|ra \
1 google.com.,IN,A \
@ -171,11 +171,11 @@
ns1.google.com.,IN,A,331816,216.239.32.10 \
ns3.google.com.,IN,A,157814,216.239.36.10 \
ns4.google.com.,IN,A,157814,216.239.38.10
[73] 2016-10-20 15:24:06.339145 [#20 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:06.339145 [#20 dns.pcap 4095] \
[172.17.0.10].58176 [8.8.8.8].53 \
dns QUERY,NOERROR,25433,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:06.340820 [#21 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:06.340820 [#21 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].58176 \
dns QUERY,NOERROR,25433,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -189,11 +189,11 @@
ns3.google.com.,IN,A,157814,216.239.36.10 \
ns4.google.com.,IN,A,157814,216.239.38.10 \
ns2.google.com.,IN,A,157814,216.239.34.10
[56] 2016-10-20 15:24:07.346429 [#22 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:07.346429 [#22 dns.pcap 4095] \
[172.17.0.10].41266 [8.8.8.8].53 \
dns QUERY,NOERROR,63798,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:07.348160 [#23 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:07.348160 [#23 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].41266 \
dns QUERY,NOERROR,63798,qr|rd|ra \
1 google.com.,IN,A \
@ -206,11 +206,11 @@
ns1.google.com.,IN,A,331815,216.239.32.10 \
ns3.google.com.,IN,A,157813,216.239.36.10 \
ns4.google.com.,IN,A,157813,216.239.38.10
[73] 2016-10-20 15:24:07.353123 [#24 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:07.353123 [#24 dns.pcap 4095] \
[172.17.0.10].34607 [8.8.8.8].53 \
dns QUERY,NOERROR,8470,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:07.354682 [#25 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:07.354682 [#25 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].34607 \
dns QUERY,NOERROR,8470,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -224,11 +224,11 @@
ns3.google.com.,IN,A,157813,216.239.36.10 \
ns4.google.com.,IN,A,157813,216.239.38.10 \
ns2.google.com.,IN,A,157813,216.239.34.10
[56] 2016-10-20 15:24:08.360528 [#26 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:08.360528 [#26 dns.pcap 4095] \
[172.17.0.10].60437 [8.8.8.8].53 \
dns QUERY,NOERROR,60258,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:08.362206 [#27 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:08.362206 [#27 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].60437 \
dns QUERY,NOERROR,60258,qr|rd|ra \
1 google.com.,IN,A \
@ -241,11 +241,11 @@
ns1.google.com.,IN,A,331814,216.239.32.10 \
ns3.google.com.,IN,A,157812,216.239.36.10 \
ns4.google.com.,IN,A,157812,216.239.38.10
[73] 2016-10-20 15:24:08.368516 [#28 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:08.368516 [#28 dns.pcap 4095] \
[172.17.0.10].37149 [8.8.8.8].53 \
dns QUERY,NOERROR,44985,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:08.370119 [#29 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:08.370119 [#29 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].37149 \
dns QUERY,NOERROR,44985,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -259,11 +259,11 @@
ns3.google.com.,IN,A,157812,216.239.36.10 \
ns4.google.com.,IN,A,157812,216.239.38.10 \
ns2.google.com.,IN,A,157812,216.239.34.10
[56] 2016-10-20 15:24:09.375942 [#30 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:09.375942 [#30 dns.pcap 4095] \
[172.17.0.10].53820 [8.8.8.8].53 \
dns QUERY,NOERROR,45512,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:09.378425 [#31 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:09.378425 [#31 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].53820 \
dns QUERY,NOERROR,45512,qr|rd|ra \
1 google.com.,IN,A \
@ -276,11 +276,11 @@
ns1.google.com.,IN,A,331813,216.239.32.10 \
ns3.google.com.,IN,A,157811,216.239.36.10 \
ns4.google.com.,IN,A,157811,216.239.38.10
[73] 2016-10-20 15:24:09.384057 [#32 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:09.384057 [#32 dns.pcap 4095] \
[172.17.0.10].52368 [8.8.8.8].53 \
dns QUERY,NOERROR,22980,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:09.385463 [#33 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:09.385463 [#33 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].52368 \
dns QUERY,NOERROR,22980,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -294,11 +294,11 @@
ns3.google.com.,IN,A,157811,216.239.36.10 \
ns4.google.com.,IN,A,157811,216.239.38.10 \
ns2.google.com.,IN,A,157811,216.239.34.10
[56] 2016-10-20 15:24:10.391358 [#34 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:10.391358 [#34 dns.pcap 4095] \
[172.17.0.10].47637 [8.8.8.8].53 \
dns QUERY,NOERROR,1834,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:10.392886 [#35 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:10.392886 [#35 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].47637 \
dns QUERY,NOERROR,1834,qr|rd|ra \
1 google.com.,IN,A \
@ -311,11 +311,11 @@
ns1.google.com.,IN,A,331812,216.239.32.10 \
ns3.google.com.,IN,A,157810,216.239.36.10 \
ns4.google.com.,IN,A,157810,216.239.38.10
[73] 2016-10-20 15:24:10.398099 [#36 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:10.398099 [#36 dns.pcap 4095] \
[172.17.0.10].34426 [8.8.8.8].53 \
dns QUERY,NOERROR,25431,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:10.400317 [#37 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:10.400317 [#37 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].34426 \
dns QUERY,NOERROR,25431,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -329,11 +329,11 @@
ns3.google.com.,IN,A,157810,216.239.36.10 \
ns4.google.com.,IN,A,157810,216.239.38.10 \
ns2.google.com.,IN,A,157810,216.239.34.10
[56] 2016-10-20 15:24:11.406297 [#38 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:11.406297 [#38 dns.pcap 4095] \
[172.17.0.10].41059 [8.8.8.8].53 \
dns QUERY,NOERROR,48432,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:11.407460 [#39 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:11.407460 [#39 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].41059 \
dns QUERY,NOERROR,48432,qr|rd|ra \
1 google.com.,IN,A \
@ -346,11 +346,11 @@
ns1.google.com.,IN,A,331811,216.239.32.10 \
ns3.google.com.,IN,A,157809,216.239.36.10 \
ns4.google.com.,IN,A,157809,216.239.38.10
[73] 2016-10-20 15:24:11.412133 [#40 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:11.412133 [#40 dns.pcap 4095] \
[172.17.0.10].51181 [8.8.8.8].53 \
dns QUERY,NOERROR,47411,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:11.413370 [#41 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:11.413370 [#41 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].51181 \
dns QUERY,NOERROR,47411,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -364,11 +364,11 @@
ns3.google.com.,IN,A,157809,216.239.36.10 \
ns4.google.com.,IN,A,157809,216.239.38.10 \
ns2.google.com.,IN,A,157809,216.239.34.10
[56] 2016-10-20 15:24:12.419936 [#42 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:12.419936 [#42 dns.pcap 4095] \
[172.17.0.10].32976 [8.8.8.8].53 \
dns QUERY,NOERROR,12038,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:12.421228 [#43 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:12.421228 [#43 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].32976 \
dns QUERY,NOERROR,12038,qr|rd|ra \
1 google.com.,IN,A \
@ -381,11 +381,11 @@
ns1.google.com.,IN,A,331810,216.239.32.10 \
ns3.google.com.,IN,A,157808,216.239.36.10 \
ns4.google.com.,IN,A,157808,216.239.38.10
[56] 2016-10-20 15:24:14.428524 [#44 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:14.428524 [#44 dns.pcap 4095] \
[172.17.0.10].53467 [8.8.8.8].53 \
dns QUERY,NOERROR,11614,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:14.429863 [#45 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:14.429863 [#45 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].53467 \
dns QUERY,NOERROR,11614,qr|rd|ra \
1 google.com.,IN,A \
@ -398,11 +398,11 @@
ns1.google.com.,IN,A,331808,216.239.32.10 \
ns3.google.com.,IN,A,157806,216.239.36.10 \
ns4.google.com.,IN,A,157806,216.239.38.10
[56] 2016-10-20 15:24:16.435733 [#46 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:16.435733 [#46 dns.pcap 4095] \
[172.17.0.10].41532 [8.8.8.8].53 \
dns QUERY,NOERROR,59173,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:16.437471 [#47 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:16.437471 [#47 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].41532 \
dns QUERY,NOERROR,59173,qr|rd|ra \
1 google.com.,IN,A \
@ -415,11 +415,11 @@
ns1.google.com.,IN,A,331806,216.239.32.10 \
ns3.google.com.,IN,A,157804,216.239.36.10 \
ns4.google.com.,IN,A,157804,216.239.38.10
[56] 2016-10-20 15:24:18.445519 [#48 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:18.445519 [#48 dns.pcap 4095] \
[172.17.0.10].44982 [8.8.8.8].53 \
dns QUERY,NOERROR,45535,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:18.446775 [#49 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:18.446775 [#49 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].44982 \
dns QUERY,NOERROR,45535,qr|rd|ra \
1 google.com.,IN,A \
@ -432,11 +432,11 @@
ns1.google.com.,IN,A,331804,216.239.32.10 \
ns3.google.com.,IN,A,157802,216.239.36.10 \
ns4.google.com.,IN,A,157802,216.239.38.10
[73] 2016-10-20 15:24:18.452451 [#50 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:18.452451 [#50 dns.pcap 4095] \
[172.17.0.10].40224 [8.8.8.8].53 \
dns QUERY,NOERROR,60808,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:18.454030 [#51 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:18.454030 [#51 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].40224 \
dns QUERY,NOERROR,60808,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -450,11 +450,11 @@
ns3.google.com.,IN,A,157802,216.239.36.10 \
ns4.google.com.,IN,A,157802,216.239.38.10 \
ns2.google.com.,IN,A,157802,216.239.34.10
[56] 2016-10-20 15:24:19.460087 [#52 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:19.460087 [#52 dns.pcap 4095] \
[172.17.0.10].45658 [8.8.8.8].53 \
dns QUERY,NOERROR,64325,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:19.462224 [#53 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:19.462224 [#53 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].45658 \
dns QUERY,NOERROR,64325,qr|rd|ra \
1 google.com.,IN,A \
@ -467,11 +467,11 @@
ns1.google.com.,IN,A,331803,216.239.32.10 \
ns3.google.com.,IN,A,157801,216.239.36.10 \
ns4.google.com.,IN,A,157801,216.239.38.10
[73] 2016-10-20 15:24:19.467324 [#54 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:19.467324 [#54 dns.pcap 4095] \
[172.17.0.10].60457 [8.8.8.8].53 \
dns QUERY,NOERROR,25543,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:19.468895 [#55 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:19.468895 [#55 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].60457 \
dns QUERY,NOERROR,25543,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -485,11 +485,11 @@
ns3.google.com.,IN,A,157801,216.239.36.10 \
ns4.google.com.,IN,A,157801,216.239.38.10 \
ns2.google.com.,IN,A,157801,216.239.34.10
[56] 2016-10-20 15:24:20.475086 [#56 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:20.475086 [#56 dns.pcap 4095] \
[172.17.0.10].59762 [8.8.8.8].53 \
dns QUERY,NOERROR,20736,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:20.476841 [#57 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:20.476841 [#57 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].59762 \
dns QUERY,NOERROR,20736,qr|rd|ra \
1 google.com.,IN,A \
@ -502,11 +502,11 @@
ns1.google.com.,IN,A,331802,216.239.32.10 \
ns3.google.com.,IN,A,157800,216.239.36.10 \
ns4.google.com.,IN,A,157800,216.239.38.10
[73] 2016-10-20 15:24:20.482188 [#58 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:20.482188 [#58 dns.pcap 4095] \
[172.17.0.10].56022 [8.8.8.8].53 \
dns QUERY,NOERROR,25911,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:20.483927 [#59 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:20.483927 [#59 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].56022 \
dns QUERY,NOERROR,25911,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -520,11 +520,11 @@
ns3.google.com.,IN,A,157800,216.239.36.10 \
ns4.google.com.,IN,A,157800,216.239.38.10 \
ns2.google.com.,IN,A,157800,216.239.34.10
[56] 2016-10-20 15:24:21.489468 [#60 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:21.489468 [#60 dns.pcap 4095] \
[172.17.0.10].37669 [8.8.8.8].53 \
dns QUERY,NOERROR,64358,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:21.490573 [#61 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:21.490573 [#61 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].37669 \
dns QUERY,NOERROR,64358,qr|rd|ra \
1 google.com.,IN,A \
@ -537,11 +537,11 @@
ns1.google.com.,IN,A,331801,216.239.32.10 \
ns3.google.com.,IN,A,157799,216.239.36.10 \
ns4.google.com.,IN,A,157799,216.239.38.10
[73] 2016-10-20 15:24:21.495324 [#62 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:21.495324 [#62 dns.pcap 4095] \
[172.17.0.10].42978 [8.8.8.8].53 \
dns QUERY,NOERROR,37698,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:21.496815 [#63 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:21.496815 [#63 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].42978 \
dns QUERY,NOERROR,37698,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -555,11 +555,11 @@
ns3.google.com.,IN,A,157799,216.239.36.10 \
ns4.google.com.,IN,A,157799,216.239.38.10 \
ns2.google.com.,IN,A,157799,216.239.34.10
[56] 2016-10-20 15:24:22.502667 [#64 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:22.502667 [#64 dns.pcap 4095] \
[172.17.0.10].49829 [8.8.8.8].53 \
dns QUERY,NOERROR,54706,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:22.504738 [#65 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:22.504738 [#65 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].49829 \
dns QUERY,NOERROR,54706,qr|rd|ra \
1 google.com.,IN,A \
@ -572,11 +572,11 @@
ns1.google.com.,IN,A,331800,216.239.32.10 \
ns3.google.com.,IN,A,157798,216.239.36.10 \
ns4.google.com.,IN,A,157798,216.239.38.10
[73] 2016-10-20 15:24:22.510176 [#66 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:22.510176 [#66 dns.pcap 4095] \
[172.17.0.10].50599 [8.8.8.8].53 \
dns QUERY,NOERROR,32142,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:22.511746 [#67 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:22.511746 [#67 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].50599 \
dns QUERY,NOERROR,32142,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -590,11 +590,11 @@
ns3.google.com.,IN,A,157798,216.239.36.10 \
ns4.google.com.,IN,A,157798,216.239.38.10 \
ns2.google.com.,IN,A,157798,216.239.34.10
[56] 2016-10-20 15:24:23.520203 [#68 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:23.520203 [#68 dns.pcap 4095] \
[172.17.0.10].44980 [8.8.8.8].53 \
dns QUERY,NOERROR,41808,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:23.521976 [#69 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:23.521976 [#69 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].44980 \
dns QUERY,NOERROR,41808,qr|rd|ra \
1 google.com.,IN,A \
@ -607,11 +607,11 @@
ns1.google.com.,IN,A,331799,216.239.32.10 \
ns3.google.com.,IN,A,157797,216.239.36.10 \
ns4.google.com.,IN,A,157797,216.239.38.10
[73] 2016-10-20 15:24:23.527449 [#70 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:23.527449 [#70 dns.pcap 4095] \
[172.17.0.10].60063 [8.8.8.8].53 \
dns QUERY,NOERROR,18886,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:23.529385 [#71 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:23.529385 [#71 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].60063 \
dns QUERY,NOERROR,18886,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -625,11 +625,11 @@
ns3.google.com.,IN,A,157797,216.239.36.10 \
ns4.google.com.,IN,A,157797,216.239.38.10 \
ns2.google.com.,IN,A,157797,216.239.34.10
[56] 2016-10-20 15:24:24.537264 [#72 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:24.537264 [#72 dns.pcap 4095] \
[172.17.0.10].42042 [8.8.8.8].53 \
dns QUERY,NOERROR,10624,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:24.539398 [#73 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:24.539398 [#73 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].42042 \
dns QUERY,NOERROR,10624,qr|rd|ra \
1 google.com.,IN,A \
@ -642,11 +642,11 @@
ns1.google.com.,IN,A,331798,216.239.32.10 \
ns3.google.com.,IN,A,157796,216.239.36.10 \
ns4.google.com.,IN,A,157796,216.239.38.10
[73] 2016-10-20 15:24:24.544538 [#74 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:24.544538 [#74 dns.pcap 4095] \
[172.17.0.10].60469 [8.8.8.8].53 \
dns QUERY,NOERROR,33139,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:24.546172 [#75 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:24.546172 [#75 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].60469 \
dns QUERY,NOERROR,33139,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -660,11 +660,11 @@
ns3.google.com.,IN,A,157796,216.239.36.10 \
ns4.google.com.,IN,A,157796,216.239.38.10 \
ns2.google.com.,IN,A,157796,216.239.34.10
[56] 2016-10-20 15:24:25.554744 [#76 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:25.554744 [#76 dns.pcap 4095] \
[172.17.0.10].45703 [8.8.8.8].53 \
dns QUERY,NOERROR,61415,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:25.556513 [#77 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:25.556513 [#77 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].45703 \
dns QUERY,NOERROR,61415,qr|rd|ra \
1 google.com.,IN,A \
@ -677,11 +677,11 @@
ns1.google.com.,IN,A,331797,216.239.32.10 \
ns3.google.com.,IN,A,157795,216.239.36.10 \
ns4.google.com.,IN,A,157795,216.239.38.10
[73] 2016-10-20 15:24:25.562608 [#78 dns.pcap-dist 4095] \
[73] 2016-10-20 15:24:25.562608 [#78 dns.pcap 4095] \
[172.17.0.10].33507 [8.8.8.8].53 \
dns QUERY,NOERROR,59258,rd \
1 206.218.58.216.in-addr.arpa.,IN,PTR 0 0 0
[289] 2016-10-20 15:24:25.564509 [#79 dns.pcap-dist 4095] \
[289] 2016-10-20 15:24:25.564509 [#79 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].33507 \
dns QUERY,NOERROR,59258,qr|rd|ra \
1 206.218.58.216.in-addr.arpa.,IN,PTR \
@ -695,11 +695,11 @@
ns3.google.com.,IN,A,157795,216.239.36.10 \
ns4.google.com.,IN,A,157795,216.239.38.10 \
ns2.google.com.,IN,A,157795,216.239.34.10
[56] 2016-10-20 15:24:26.572784 [#80 dns.pcap-dist 4095] \
[56] 2016-10-20 15:24:26.572784 [#80 dns.pcap 4095] \
[172.17.0.10].46798 [8.8.8.8].53 \
dns QUERY,NOERROR,17700,rd \
1 google.com.,IN,A 0 0 0
[208] 2016-10-20 15:24:26.574350 [#81 dns.pcap-dist 4095] \
[208] 2016-10-20 15:24:26.574350 [#81 dns.pcap 4095] \
[8.8.8.8].53 [172.17.0.10].46798 \
dns QUERY,NOERROR,17700,qr|rd|ra \
1 google.com.,IN,A \

4
src/test/dnspad.gold
View file

@ -1,8 +1,8 @@
[59] 2016-10-20 15:23:01.075993 [#0 dnspad.pcap-dist 4095] \
[59] 2016-10-20 15:23:01.075993 [#0 dnspad.pcap 4095] \
[172.17.0.10].53199 [8.8.8.8].53 \
dns QUERY,NOERROR,59311,rd \
1 google.com.,IN,A 0 0 0
[59] 2016-10-20 15:23:01.075993 [#0 dnspad.pcap-dist 4095] \
[59] 2016-10-20 15:23:01.075993 [#0 dnspad.pcap 4095] \
[172.17.0.10].53199 [8.8.8.8].53 \
dns QUERY,NOERROR,59311,rd \
1 google.com.,IN,A 0 0 0

123
src/test/edns.gold Normal file
View file

@ -0,0 +1,123 @@
[64] 2023-07-05 07:21:38.669836 [#0 edns.pcap 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,31428,rd \
1 h.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:38.669891 [#1 edns.pcap 4095] \
[172.17.0.6].58541 [172.17.0.1].53 \
dns QUERY,NOERROR,5824,rd \
1 h.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:38.669977 [#2 edns.pcap 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,31428,qr|rd|ra \
1 h.root-servers.net.,IN,A \
1 h.root-servers.net.,IN,A,85098,198.97.190.53 0 0
[92] 2023-07-05 07:21:38.670010 [#3 edns.pcap 4095] \
[172.17.0.1].53 [172.17.0.6].58541 \
dns QUERY,NOERROR,5824,qr|rd|ra \
1 h.root-servers.net.,IN,AAAA \
1 h.root-servers.net.,IN,AAAA,85098,2001:500:1::53 0 0
[88] 2023-07-05 07:21:38.670793 [#4 edns.pcap 4095] \
[172.17.0.6].33737 [198.97.190.53].53 \
dns QUERY,NOERROR,56979,rd|ad \
1 ns1.dns.nic.aaa.,IN,NS 0 0 \
1 .,4096,4096,0,edns0[len=16,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=0],edns0opt[code=10,codelen=8]
[464] 2023-07-05 07:21:38.698303 [#5 edns.pcap 4095] \
[198.97.190.53].53 [172.17.0.6].33737 \
dns QUERY,NOERROR,56979,qr|rd \
1 ns1.dns.nic.aaa.,IN,NS 0 \
6 aaa.,IN,NS,172800,a.nic.aaa. \
aaa.,IN,NS,172800,b.nic.aaa. \
aaa.,IN,NS,172800,c.nic.aaa. \
aaa.,IN,NS,172800,ns1.dns.nic.aaa. \
aaa.,IN,NS,172800,ns2.dns.nic.aaa. \
aaa.,IN,NS,172800,ns3.dns.nic.aaa. \
13 a.nic.aaa.,IN,A,172800,37.209.192.9 \
b.nic.aaa.,IN,A,172800,37.209.194.9 \
c.nic.aaa.,IN,A,172800,37.209.196.9 \
ns1.dns.nic.aaa.,IN,A,172800,156.154.144.2 \
ns2.dns.nic.aaa.,IN,A,172800,156.154.145.2 \
ns3.dns.nic.aaa.,IN,A,172800,156.154.159.2 \
a.nic.aaa.,IN,AAAA,172800,2001:dcd:1::9 \
b.nic.aaa.,IN,AAAA,172800,2001:dcd:2::9 \
c.nic.aaa.,IN,AAAA,172800,2001:dcd:3::9 \
ns1.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1071::2 \
ns2.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1072::2 \
ns3.dns.nic.aaa.,IN,AAAA,172800,2610:a1:1073::2 \
.,1232,1232,0,edns0[len=30,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=3,codelen=26]
[64] 2023-07-05 07:21:42.739334 [#6 edns.pcap 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48648,rd \
1 g.root-servers.net.,IN,A 0 0 0
[64] 2023-07-05 07:21:42.739396 [#7 edns.pcap 4095] \
[172.17.0.6].53174 [172.17.0.1].53 \
dns QUERY,NOERROR,48141,rd \
1 g.root-servers.net.,IN,AAAA 0 0 0
[80] 2023-07-05 07:21:42.739525 [#8 edns.pcap 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48648,qr|rd|ra \
1 g.root-servers.net.,IN,A \
1 g.root-servers.net.,IN,A,85094,192.112.36.4 0 0
[92] 2023-07-05 07:21:42.739558 [#9 edns.pcap 4095] \
[172.17.0.1].53 [172.17.0.6].53174 \
dns QUERY,NOERROR,48141,qr|rd|ra \
1 g.root-servers.net.,IN,AAAA \
1 g.root-servers.net.,IN,AAAA,85094,2001:500:12::d0d 0 0
[83] 2023-07-05 07:21:42.740590 [#10 edns.pcap 4095] \
[172.17.0.6].50901 [192.112.36.4].53 \
dns QUERY,NOERROR,35713,rd|ad \
1 net.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=23,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[ECS,family=1,source=24,scope=0,addr=172.17.0.0],edns0opt[code=10,codelen=8]
[895] 2023-07-05 07:21:42.836816 [#11 edns.pcap 4095] \
[192.112.36.4].53 [172.17.0.6].50901 \
dns QUERY,NOERROR,35713,qr|rd \
1 net.,IN,A 0 \
13 net.,IN,NS,172800,j.gtld-servers.net. \
net.,IN,NS,172800,b.gtld-servers.net. \
net.,IN,NS,172800,a.gtld-servers.net. \
net.,IN,NS,172800,h.gtld-servers.net. \
net.,IN,NS,172800,d.gtld-servers.net. \
net.,IN,NS,172800,c.gtld-servers.net. \
net.,IN,NS,172800,i.gtld-servers.net. \
net.,IN,NS,172800,e.gtld-servers.net. \
net.,IN,NS,172800,m.gtld-servers.net. \
net.,IN,NS,172800,f.gtld-servers.net. \
net.,IN,NS,172800,k.gtld-servers.net. \
net.,IN,NS,172800,l.gtld-servers.net. \
net.,IN,NS,172800,g.gtld-servers.net. \
27 m.gtld-servers.net.,IN,A,172800,192.55.83.30 \
l.gtld-servers.net.,IN,A,172800,192.41.162.30 \
k.gtld-servers.net.,IN,A,172800,192.52.178.30 \
j.gtld-servers.net.,IN,A,172800,192.48.79.30 \
i.gtld-servers.net.,IN,A,172800,192.43.172.30 \
h.gtld-servers.net.,IN,A,172800,192.54.112.30 \
g.gtld-servers.net.,IN,A,172800,192.42.93.30 \
f.gtld-servers.net.,IN,A,172800,192.35.51.30 \
e.gtld-servers.net.,IN,A,172800,192.12.94.30 \
d.gtld-servers.net.,IN,A,172800,192.31.80.30 \
c.gtld-servers.net.,IN,A,172800,192.26.92.30 \
b.gtld-servers.net.,IN,A,172800,192.33.14.30 \
a.gtld-servers.net.,IN,A,172800,192.5.6.30 \
m.gtld-servers.net.,IN,AAAA,172800,2001:501:b1f9::30 \
l.gtld-servers.net.,IN,AAAA,172800,2001:500:d937::30 \
k.gtld-servers.net.,IN,AAAA,172800,2001:503:d2d::30 \
j.gtld-servers.net.,IN,AAAA,172800,2001:502:7094::30 \
i.gtld-servers.net.,IN,AAAA,172800,2001:503:39c1::30 \
h.gtld-servers.net.,IN,AAAA,172800,2001:502:8cc::30 \
g.gtld-servers.net.,IN,AAAA,172800,2001:503:eea3::30 \
f.gtld-servers.net.,IN,AAAA,172800,2001:503:d414::30 \
e.gtld-servers.net.,IN,AAAA,172800,2001:502:1ca1::30 \
d.gtld-servers.net.,IN,AAAA,172800,2001:500:856e::30 \
c.gtld-servers.net.,IN,AAAA,172800,2001:503:83eb::30 \
b.gtld-servers.net.,IN,AAAA,172800,2001:503:231d::2:30 \
a.gtld-servers.net.,IN,AAAA,172800,2001:503:a83e::2:30 \
.,1232,1232,0,edns0[len=39,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=24],edns0opt[ECS,family=1,source=24,scope=0,addr=172.17.0.0]
[86] 2023-07-05 07:21:46.511502 [#12 edns.pcap 4095] \
[172.17.0.6].35191 [1.1.1.1].53 \
dns QUERY,NOERROR,960,rd|ad \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=12,UDP=4096,ver=0,rcode=0,DO=0,z=0],edns0opt[code=10,codelen=8]
[131] 2023-07-05 07:21:46.518500 [#13 edns.pcap 4095] \
[1.1.1.1].53 [172.17.0.6].35191 \
dns QUERY,SERVFAIL,960,qr|rd|ra \
1 dnssec-failed.org.,IN,A 0 0 \
1 .,1232,1232,0,edns0[len=57,UDP=1232,ver=0,rcode=0,DO=0,z=0],edns0opt[code=15,codelen=53]

BIN
src/test/edns.pcap Normal file
View file

Binary file not shown.

4
src/test/test1.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
../dnscap -g -r dns.pcap-dist 2>dns.out
test -e dns.pcap || ln -s "$srcdir/dns.pcap" dns.pcap
../dnscap -g -r dns.pcap 2>dns.out
mv dns.out dns.out.old
grep -v "^libgcov profiling error:" dns.out.old > dns.out

8
src/test/test10.gold
View file

@ -1,20 +1,20 @@
[87] 2018-11-27 15:52:00.414188 [#0 dns6.pcap-dist 4095] \
[87] 2018-11-27 15:52:00.414188 [#0 dns6.pcap 4095] \
[2a01:3f0:0:57::245].51972 [2001:4860:4860::8888].53 \
dns QUERY,NOERROR,51420,rd|ad \
1 google.com.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=0,UDP=4096,ver=0,rcode=0,DO=0,z=0]
[103] 2018-11-27 15:52:00.428453 [#1 dns6.pcap-dist 4095] \
[103] 2018-11-27 15:52:00.428453 [#1 dns6.pcap 4095] \
[2001:4860:4860::8888].53 [2a01:3f0:0:57::245].51972 \
dns QUERY,NOERROR,51420,qr|rd|ra \
1 google.com.,IN,A \
1 google.com.,IN,A,299,172.217.20.46 0 \
1 .,512,512,0,edns0[len=0,UDP=512,ver=0,rcode=0,DO=0,z=0]
[87] 2018-11-27 15:52:00.414188 [#0 dns6.pcap-dist 4095] \
[87] 2018-11-27 15:52:00.414188 [#0 dns6.pcap 4095] \
[2a01:3f0:0:57::245].51972 [2001:4860:4860::8888].53 \
dns QUERY,NOERROR,51420,rd|ad \
1 google.com.,IN,A 0 0 \
1 .,4096,4096,0,edns0[len=0,UDP=4096,ver=0,rcode=0,DO=0,z=0]
[103] 2018-11-27 15:52:00.428453 [#1 dns6.pcap-dist 4095] \
[103] 2018-11-27 15:52:00.428453 [#1 dns6.pcap 4095] \
[2001:4860:4860::8888].53 [2a01:3f0:0:57::245].51972 \
dns QUERY,NOERROR,51420,qr|rd|ra \
1 google.com.,IN,A \

6
src/test/test10.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
../dnscap -r dns6.pcap-dist -g 2>test10.out
../dnscap -r dns6.pcap-dist -o use_layers=yes -g 2>>test10.out
test -e dns6.pcap || ln -s "$srcdir/dns6.pcap" dns6.pcap
../dnscap -r dns6.pcap -g 2>test10.out
../dnscap -r dns6.pcap -o use_layers=yes -g 2>>test10.out
diff test10.out "$srcdir/test10.gold"

10
src/test/test11.sh
View file

@ -1,5 +1,7 @@
#!/bin/sh -xe
test -e dns.pcap || ln -s "$srcdir/dns.pcap" dns.pcap
../dnscap -?
! ../dnscap -j
@ -42,13 +44,13 @@ fi
../dnscap -V
../dnscap -r dns.pcap-dist -g -ddddd
../dnscap -r dns.pcap-dist -x '.*' -X '.*' -g -ddddd
../dnscap -r dns.pcap -g -ddddd
../dnscap -r dns.pcap -x '.*' -X '.*' -g -ddddd
! ../dnscap -r dns.pcap-dist -i fake 2>test11.out
! ../dnscap -r dns.pcap -i fake 2>test11.out
cat test11.out
grep -qF -- "-i makes no sense after -r" test11.out
! ../dnscap -i fake -r dns.pcap-dist 2>test11.out
! ../dnscap -i fake -r dns.pcap 2>test11.out
cat test11.out
grep -qF -- "-r makes no sense after -i" test11.out

4
src/test/test12.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
if ! ../dnscap -g -r dns.pcap-dist -w test12 -W .gz 2>test12.out; then
test -e dns.pcap || ln -s "$srcdir/dns.pcap" dns.pcap
if ! ../dnscap -g -r dns.pcap -w test12 -W .gz 2>test12.out; then
grep -qF "gzip compression requested but not supported" test12.out && exit 0
exit 1
fi

28
src/test/test13.sh
View file

@ -2,6 +2,8 @@
test -f /etc/resolv.conf || exit 0
test -e dns.pcap || ln -s "$srcdir/dns.pcap" dns.pcap
! ../dnscap -a "fake_host-should+not/work" 2>test13.out
cat test13.out
grep -qF "invalid host address" test13.out
@ -9,20 +11,20 @@ grep -qF "invalid host address" test13.out
if [ "`uname`" = "OpenBSD" ]; then
# IPv6 addresses in BPF seems to segfault on OpenBSD and doing host and
# not host throws generic pcap_compile error
../dnscap -a 127.0.0.1 -r dns.pcap-dist -g -dddd
../dnscap -z 127.0.0.1 -r dns.pcap-dist -g -dddd
../dnscap -A 127.0.0.1 -r dns.pcap-dist -g -dddd
../dnscap -Z 127.0.0.1 -r dns.pcap-dist -g -dddd
../dnscap -Y 127.0.0.1 -r dns.pcap-dist -g -dddd
../dnscap -a 127.0.0.1 -r dns.pcap -g -dddd
../dnscap -z 127.0.0.1 -r dns.pcap -g -dddd
../dnscap -A 127.0.0.1 -r dns.pcap -g -dddd
../dnscap -Z 127.0.0.1 -r dns.pcap -g -dddd
../dnscap -Y 127.0.0.1 -r dns.pcap -g -dddd
else
../dnscap -a 127.0.0.1 -a ::1 -r dns.pcap-dist -g -dddd
../dnscap -z 127.0.0.1 -z ::1 -r dns.pcap-dist -g -dddd
../dnscap -A 127.0.0.1 -A ::1 -r dns.pcap-dist -g -dddd
../dnscap -Z 127.0.0.1 -Z ::1 -r dns.pcap-dist -g -dddd
../dnscap -Y 127.0.0.1 -Y ::1 -r dns.pcap-dist -g -dddd
../dnscap -a 127.0.0.1 -a ::1 -r dns.pcap -g -dddd
../dnscap -z 127.0.0.1 -z ::1 -r dns.pcap -g -dddd
../dnscap -A 127.0.0.1 -A ::1 -r dns.pcap -g -dddd
../dnscap -Z 127.0.0.1 -Z ::1 -r dns.pcap -g -dddd
../dnscap -Y 127.0.0.1 -Y ::1 -r dns.pcap -g -dddd
fi
if [ "$TEST_DNSCAP_WITH_NETWORK" = "1" ]; then
../dnscap -a google.com -r dns.pcap-dist -g -dddd
../dnscap -a google.com -r dns.pcap -g -dddd
fi
../dnscap -Y 127.0.0.1 -r dns.pcap-dist -g
../dnscap -Y 8.8.8.8 -r dns.pcap-dist -g
../dnscap -Y 127.0.0.1 -r dns.pcap -g
../dnscap -Y 8.8.8.8 -r dns.pcap -g

656
src/test/test14.gold
View file

File diff suppressed because it is too large Load diff

18
src/test/test14.sh
View file

@ -1,22 +1,24 @@
#!/bin/sh -xe
test -e dns.pcap || ln -s "$srcdir/dns.pcap" dns.pcap
echo "-- only 1" >test14.out
../dnscap -g -q 1 -r dns.pcap-dist 2>>test14.out
../dnscap -g -q 1 -r dns.pcap 2>>test14.out
echo "-- not 1" >>test14.out
../dnscap -g -Q 1 -r dns.pcap-dist 2>>test14.out
../dnscap -g -Q 1 -r dns.pcap 2>>test14.out
echo "-- only PTR" >>test14.out
../dnscap -g -q PTR -r dns.pcap-dist 2>>test14.out
../dnscap -g -q PTR -r dns.pcap 2>>test14.out
echo "-- not PTR" >>test14.out
../dnscap -g -Q PTR -r dns.pcap-dist 2>>test14.out
../dnscap -g -Q PTR -r dns.pcap 2>>test14.out
echo "-- only 1" >>test14.out
../dnscap -g -o use_layers=yes -q 1 -r dns.pcap-dist 2>>test14.out
../dnscap -g -o use_layers=yes -q 1 -r dns.pcap 2>>test14.out
echo "-- not 1" >>test14.out
../dnscap -g -o use_layers=yes -Q 1 -r dns.pcap-dist 2>>test14.out
../dnscap -g -o use_layers=yes -Q 1 -r dns.pcap 2>>test14.out
echo "-- only PTR" >>test14.out
../dnscap -g -o use_layers=yes -q PTR -r dns.pcap-dist 2>>test14.out
../dnscap -g -o use_layers=yes -q PTR -r dns.pcap 2>>test14.out
echo "-- not PTR" >>test14.out
../dnscap -g -o use_layers=yes -Q PTR -r dns.pcap-dist 2>>test14.out
../dnscap -g -o use_layers=yes -Q PTR -r dns.pcap 2>>test14.out
mv test14.out test14.out.old
grep -v "^libgcov profiling error:" test14.out.old > test14.out

6
src/test/test2.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
../dnscap -g -r dns.pcap-dist 2>no-layers.out
../dnscap -g -r dns.pcap-dist -o use_layers=yes 2>layers.out
test -e dns.pcap || ln -s "$srcdir/dns.pcap" dns.pcap
../dnscap -g -r dns.pcap 2>no-layers.out
../dnscap -g -r dns.pcap -o use_layers=yes 2>layers.out
diff no-layers.out layers.out

6
src/test/test3.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
../dnscap -g -f -r frags.pcap-dist -o use_layers=yes -o defrag_ipv4=yes -o max_ipv4_fragments_per_packet=64 2>frags.out
test -e frags.pcap || ln -s "$srcdir/frags.pcap" frags.pcap
../dnscap -g -f -r frags.pcap -o use_layers=yes -o defrag_ipv4=yes -o max_ipv4_fragments_per_packet=64 2>frags.out
# remove timestamp
sed -i -e 's%^\(\[[0-9]*\]\)[^\[]*\[%\1 [%g' frags.out
@ -8,6 +10,6 @@ sed -i -e 's%^\(\[[0-9]*\]\)[^\[]*\[%\1 [%g' frags.out
# create gold file
cp "$srcdir/dns.gold" frags.gold
sed -i -e 's%^\(\[[0-9]*\]\)[^\[]*\[%\1 [%g' frags.gold
sed -i -e 's%dns.pcap-dist%frags.pcap-dist%g' frags.gold
sed -i -e 's%dns.pcap%frags.pcap%g' frags.gold
diff frags.out frags.gold

6
src/test/test4.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
../dnscap -g -T -r 1qtcppadd.pcap-dist 2>padding-no-layers.out
../dnscap -g -T -r 1qtcppadd.pcap-dist -o use_layers=yes 2>padding-layers.out
test -e 1qtcppadd.pcap || ln -s "$srcdir/1qtcppadd.pcap" 1qtcppadd.pcap
../dnscap -g -T -r 1qtcppadd.pcap 2>padding-no-layers.out
../dnscap -g -T -r 1qtcppadd.pcap -o use_layers=yes 2>padding-layers.out
diff padding-no-layers.out padding-layers.out

18
src/test/test5.sh
View file

@ -1,20 +1,22 @@
#!/bin/sh -xe
test -e vlan11.pcap || ln -s "$srcdir/vlan11.pcap" vlan11.pcap
osrel=`uname -s`
../dnscap -g -r vlan11.pcap-dist 2>vlan11.out
../dnscap -g -r vlan11.pcap 2>vlan11.out
test -f vlan11.out && ! test -s vlan11.out
../dnscap -g -r vlan11.pcap-dist -L 10 2>vlan11.out
../dnscap -g -r vlan11.pcap -L 10 2>vlan11.out
test -f vlan11.out && ! test -s vlan11.out
../dnscap -g -r vlan11.pcap-dist -L 4095 2>vlan11.out
../dnscap -g -r vlan11.pcap -L 4095 2>vlan11.out
diff vlan11.out "$srcdir/vlan11.gold"
../dnscap -g -r vlan11.pcap-dist -L 11 2>vlan11.out
../dnscap -g -r vlan11.pcap -L 11 2>vlan11.out
diff vlan11.out "$srcdir/vlan11.gold"
../dnscap -g -r vlan11.pcap-dist -o use_layers=yes 2>vlan11.out
../dnscap -g -r vlan11.pcap -o use_layers=yes 2>vlan11.out
test -f vlan11.out && ! test -s vlan11.out
../dnscap -g -r vlan11.pcap-dist -o use_layers=yes -L 10 2>vlan11.out
../dnscap -g -r vlan11.pcap -o use_layers=yes -L 10 2>vlan11.out
test -f vlan11.out && ! test -s vlan11.out
../dnscap -g -r vlan11.pcap-dist -o use_layers=yes -L 4095 2>vlan11.out
../dnscap -g -r vlan11.pcap -o use_layers=yes -L 4095 2>vlan11.out
diff vlan11.out "$srcdir/vlan11.gold"
../dnscap -g -r vlan11.pcap-dist -o use_layers=yes -L 11 2>vlan11.out
../dnscap -g -r vlan11.pcap -o use_layers=yes -L 11 2>vlan11.out
diff vlan11.out "$srcdir/vlan11.gold"

6
src/test/test6.sh
View file

@ -1,6 +1,8 @@
#!/bin/sh -xe
../dnscap -g -r dnspad.pcap-dist 2>dnspad.out
../dnscap -o use_layers=yes -g -r dnspad.pcap-dist 2>>dnspad.out
test -e dnspad.pcap || ln -s "$srcdir/dnspad.pcap" dnspad.pcap
../dnscap -g -r dnspad.pcap 2>dnspad.out
../dnscap -o use_layers=yes -g -r dnspad.pcap 2>>dnspad.out
diff dnspad.out "$srcdir/dnspad.gold"

574
src/test/test7.gold
View file

File diff suppressed because it is too large Load diff

Some files were not shown because too many files have changed in this diff Show more