dns

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 24, 2015 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

This file contains the name mapping data used to convert various DNS IDs to their string values.

Index

Constants

View Source 
const (
	Query    = false
	Response = true
)

Constants used to associate the DNS QR flag with a meaningful value.

View Source 
const (
	NonDnsPacketMsg   = "Packet's data could not be decoded as DNS."
	DuplicateQueryMsg = "Another query with the same DNS ID from this client " +
		"was received so this query was closed without receiving a response."
	OrphanedResponseMsg = "Response was received without an associated query."
	NoResponse          = "No response to this query was received."
)

Notes that are added to messages during exceptional conditions.

View Source 
const (
	TransportTcp = iota
	TransportUdp
)
View Source 
const MaxDnsTupleRawSize = 16 + 16 + 2 + 2 + 4 + 1

Variables

View Source 
var TransportNames = []string{
	"tcp",
	"udp",
}

Functions

This section is empty.

Types

type Dns 

type Dns struct {
	// Configuration data.
	Ports               []int
	Send_request        bool
	Send_response       bool
	Include_authorities bool
	Include_additionals bool
	// contains filtered or unexported fields
}

func (*Dns) GetPorts 

func (dns *Dns) GetPorts() []int

func (*Dns) Init 

func (dns *Dns) Init(test_mode bool, results publisher.Client) error

func (*Dns) ParseUdp 

func (dns *Dns) ParseUdp(pkt *protos.Packet)

type DnsMessage 

type DnsMessage struct {
	Ts           time.Time          // Time when the message was received.
	Tuple        common.IpPortTuple // Source and destination addresses of packet.
	CmdlineTuple *common.CmdlineTuple
	Data         *layers.DNS // Parsed DNS packet data.
	Length       int         // Length of the DNS message in bytes.
}

DnsMessage contains a single DNS message.

type DnsStream 

type DnsStream struct {
	// contains filtered or unexported fields
}

DnsStream contains DNS data from one side of a TCP transmission. A pair of DnsStream's are used to represent the full conversation.

type DnsTransaction 

type DnsTransaction struct {
	ResponseTime int32 // Elapsed time in milliseconds between the request and response.
	Src          common.Endpoint
	Dst          common.Endpoint
	Transport    Transport
	Notes        []string

	Request  *DnsMessage
	Response *DnsMessage
	// contains filtered or unexported fields
}

type DnsTuple 

type DnsTuple struct {
	Ip_length          int
	Src_ip, Dst_ip     net.IP
	Src_port, Dst_port uint16
	Transport          Transport
	Id                 uint16
	// contains filtered or unexported fields
}

DnsTuple contains source IP/port, destination IP/port, transport protocol, and DNS ID.

func DnsTupleFromIpPort 

func DnsTupleFromIpPort(t *common.IpPortTuple, trans Transport, id uint16) DnsTuple

func (*DnsTuple) ComputeHashebles 

func (t *DnsTuple) ComputeHashebles()

func (*DnsTuple) Hashable 

func (t *DnsTuple) Hashable() HashableDnsTuple

Hashable returns a hashable value that uniquely identifies the DNS tuple.

func (*DnsTuple) RevHashable 

func (t *DnsTuple) RevHashable() HashableDnsTuple

Hashable returns a hashable value that uniquely identifies the DNS tuple after swapping the source and destination.

func (DnsTuple) Reverse 

func (t DnsTuple) Reverse() DnsTuple

func (*DnsTuple) String 

func (t *DnsTuple) String() string

type HashableDnsTuple 

type HashableDnsTuple [MaxDnsTupleRawSize]byte

type Transport 

type Transport uint8

Transport protocol.

func (Transport) String 

func (t Transport) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.