diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-03-13 07:54:12 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-03-13 07:54:12 +0000 |
| commit | 4754ed45b607e82450a5e31fea1da3ba61433b04 (patch) | |
| tree | 3554490bdc003e6004f605abe41929cdf98b0651 /examples/filter_rcode.lua | |
| parent | Initial commit. (diff) | |
| download | dnsjit-4754ed45b607e82450a5e31fea1da3ba61433b04.tar.xz dnsjit-4754ed45b607e82450a5e31fea1da3ba61433b04.zip | |
Adding upstream version 1.1.0+debian.upstream/1.1.0+debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'examples/filter_rcode.lua')
| -rwxr-xr-x | examples/filter_rcode.lua | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/examples/filter_rcode.lua b/examples/filter_rcode.lua new file mode 100755 index 0000000..c3f0254 --- /dev/null +++ b/examples/filter_rcode.lua @@ -0,0 +1,38 @@ +#!/usr/bin/env dnsjit +local pcap = arg[2] +local rcode = tonumber(arg[3]) + +if pcap == nil or rcode == nil then + print("usage: "..arg[1].." <pcap> <rcode>") + return +end + +local object = require("dnsjit.core.objects") +local input = require("dnsjit.input.pcap").new() +local layer = require("dnsjit.filter.layer").new() +local dns = require("dnsjit.core.object.dns").new() + +input:open_offline(pcap) +layer:producer(input) +local producer, ctx = layer:produce() + +while true do + local obj = producer(ctx) + if obj == nil then break end + local pl = obj:cast() + if obj:type() == "payload" and pl.len > 0 then + local transport = obj.obj_prev + while transport ~= nil do + if transport.obj_type == object.IP or transport.obj_type == object.IP6 then + break + end + transport = transport.obj_prev + end + + dns.obj_prev = obj + if transport and dns and dns:parse_header() == 0 and dns.have_rcode == 1 and dns.rcode == rcode then + transport = transport:cast() + print(dns.id, transport:source().." -> "..transport:destination()) + end + end +end |