#define C_QU 0x8000 /* mDNS QU flag in queries */
#define C_CACHE_FLUSH 0x8000 /* mDNS cache flush flag in replies */
+/*
+ * Values for EDNS option types
+ */
+
+#define E_NSID 3 /* name server identifier */
+#define E_DAU 5 /* signal DNSSEC algorithm understood */
+#define E_DHU 6 /* signal DS hash understood */
+#define E_N3U 7 /* signal NSEC3 hash understood */
+#define E_ECS 8 /* EDNS client subnet */
+#define E_EXPIRE 9 /* zone expiration */
+#define E_COOKIE 10 /* DNS cookies */
+#define E_KEEPALIVE 11 /* TCP keepalive */
+#define E_PADDING 12 /* pad DNS messages */
+#define E_CHAIN 13 /* chain DNS queries */
+#define E_KEYTAG 14 /* EDNS key tag */
+
/*
* Status return codes for T_UNSPEC conversion routines
*/
return (cp + i);
}
+extern const struct tok edns_opt2str[];
+
+/* print an <EDNS-option> */
+static const u_char *
+eopt_print(netdissect_options *ndo,
+ const u_char *cp)
+{
+ u_int i;
+
+ if (!ND_TTEST_2(cp))
+ return (NULL);
+ i = GET_BE_U_2(cp);
+ cp += 2;
+ ND_PRINT(" %s", tok2str(edns_opt2str, "Opt%u", i));
+ if (!ND_TTEST_2(cp))
+ return (NULL);
+ i = GET_BE_U_2(cp);
+ cp += 2;
+ return (cp + i);
+}
+
extern const struct tok ns_type2str[];
/* https://www.iana.org/assignments/dns-parameters */
{ 0, NULL }
};
+extern const struct tok edns_opt2str[];
+
+const struct tok edns_opt2str[] = {
+ { E_NSID, "NSID" },
+ { E_DAU, "DAU" },
+ { E_DHU, "DHU" },
+ { E_N3U, "N3U" },
+ { E_ECS, "ECS" },
+ { E_EXPIRE, "EXPIRE" },
+ { E_COOKIE, "COOKIE" },
+ { E_KEEPALIVE, "KEEPALIVE" },
+ { E_PADDING, "PADDING" },
+ { E_CHAIN, "CHAIN" },
+ { E_KEYTAG, "KEYTAG" },
+ { 0, NULL }
+};
+
/* print a query */
static const u_char *
ns_qprint(netdissect_options *ndo,
ND_PRINT(" UDPsize=%u", class);
if (opt_flags & 0x8000)
ND_PRINT(" DO");
+ while (cp < rp) {
+ cp = eopt_print(ndo, cp);
+ if (cp == NULL)
+ return(NULL);
+ }
break;
case T_UNSPECA: /* One long string */
#someip tests
someip1 someip1.pcap someip1.out
someip2 someip2.pcap someip2.out
+
+# EDNS Options
+edns-opts edns-opts.pcap edns-opts.out
+edns-opts-v edns-opts.pcap edns-opts-v.out -v
+edns-opts-vv edns-opts.pcap edns-opts-vv.out -vv
--- /dev/null
+ 1 15:51:13.645135 IP6 (flowlabel 0x59ab7, hlim 64, next-header UDP (17) payload length: 48) ::1.39913 > ::1.53: [bad udp cksum 0x0043 -> 0xd3c1!] 45044+ [1au] A? example.com. (40)
+ 2 15:51:13.645368 IP6 (flowlabel 0x407db, hlim 64, next-header UDP (17) payload length: 200) ::1.53 > ::1.39913: [bad udp cksum 0x00db -> 0x47f8!] 45044 1/2/5 example.com. A 93.184.216.34 (192)
+ 3 15:51:41.824299 IP6 (flowlabel 0x6cf0a, hlim 64, next-header UDP (17) payload length: 60) ::1.40241 > ::1.53: [bad udp cksum 0x004f -> 0x8d32!] 25196+ [1au] A? example.com. (52)
+ 4 15:51:41.824510 IP6 (flowlabel 0x35b0b, hlim 64, next-header UDP (17) payload length: 228) ::1.53 > ::1.40241: [bad udp cksum 0x00f7 -> 0x7d0f!] 25196 1/2/5 example.com. A 93.184.216.34 (220)
+ 5 15:51:58.952626 IP6 (flowlabel 0xf9ade, hlim 64, next-header UDP (17) payload length: 64) ::1.52325 > ::1.53: [bad udp cksum 0x0053 -> 0xfe45!] 1171+ [1au] A? example.com. (56)
+ 6 15:51:58.952934 IP6 (flowlabel 0x3185a, hlim 64, next-header UDP (17) payload length: 228) ::1.53 > ::1.52325: [bad udp cksum 0x00f7 -> 0x8e9d!] 1171 1/2/5 example.com. A 93.184.216.34 (220)
+ 7 15:52:09.278001 IP6 (flowlabel 0xb5cae, hlim 64, next-header UDP (17) payload length: 75) ::1.45845 > ::1.53: [bad udp cksum 0x005e -> 0xcc5b!] 24578+ [1au] A? example.com. (67)
+ 8 15:52:09.278215 IP6 (flowlabel 0x3e25d, hlim 64, next-header UDP (17) payload length: 239) ::1.53 > ::1.45845: [bad udp cksum 0x0102 -> 0xb15e!] 24578 1/2/5 example.com. A 93.184.216.34 (231)
+ 9 15:52:21.041837 IP6 (flowlabel 0xc2911, hlim 64, next-header UDP (17) payload length: 79) ::1.55361 > ::1.53: [bad udp cksum 0x0062 -> 0x13aa!] 11702+ [1au] A? example.com. (71)
+ 10 15:52:21.042080 IP6 (flowlabel 0x5d5a9, hlim 64, next-header UDP (17) payload length: 239) ::1.53 > ::1.55361: [bad udp cksum 0x0102 -> 0x966c!] 11702 1/2/5 example.com. A 93.184.216.34 (231)
--- /dev/null
+ 1 15:51:13.645135 IP6 (flowlabel 0x59ab7, hlim 64, next-header UDP (17) payload length: 48) ::1.39913 > ::1.53: [bad udp cksum 0x0043 -> 0xd3c1!] 45044+ [1au] A? example.com. ar: . OPT UDPsize=4096 (40)
+ 2 15:51:13.645368 IP6 (flowlabel 0x407db, hlim 64, next-header UDP (17) payload length: 200) ::1.53 > ::1.39913: [bad udp cksum 0x00db -> 0x47f8!] 45044 q: A? example.com. 1/2/5 example.com. A 93.184.216.34 ns: example.com. NS a.iana-servers.net., example.com. NS b.iana-servers.net. ar: a.iana-servers.net. AAAA 2001:500:8f::53, b.iana-servers.net. AAAA 2001:500:8d::53, a.iana-servers.net. A 199.43.135.53, b.iana-servers.net. A 199.43.133.53, . OPT UDPsize=4096 (192)
+ 3 15:51:41.824299 IP6 (flowlabel 0x6cf0a, hlim 64, next-header UDP (17) payload length: 60) ::1.40241 > ::1.53: [bad udp cksum 0x004f -> 0x8d32!] 25196+ [1au] A? example.com. ar: . OPT UDPsize=4096 COOKIE (52)
+ 4 15:51:41.824510 IP6 (flowlabel 0x35b0b, hlim 64, next-header UDP (17) payload length: 228) ::1.53 > ::1.40241: [bad udp cksum 0x00f7 -> 0x7d0f!] 25196 q: A? example.com. 1/2/5 example.com. A 93.184.216.34 ns: example.com. NS a.iana-servers.net., example.com. NS b.iana-servers.net. ar: a.iana-servers.net. AAAA 2001:500:8f::53, b.iana-servers.net. AAAA 2001:500:8d::53, a.iana-servers.net. A 199.43.135.53, b.iana-servers.net. A 199.43.133.53, . OPT UDPsize=4096 COOKIE (220)
+ 5 15:51:58.952626 IP6 (flowlabel 0xf9ade, hlim 64, next-header UDP (17) payload length: 64) ::1.52325 > ::1.53: [bad udp cksum 0x0053 -> 0xfe45!] 1171+ [1au] A? example.com. ar: . OPT UDPsize=4096 NSID COOKIE (56)
+ 6 15:51:58.952934 IP6 (flowlabel 0x3185a, hlim 64, next-header UDP (17) payload length: 228) ::1.53 > ::1.52325: [bad udp cksum 0x00f7 -> 0x8e9d!] 1171 q: A? example.com. 1/2/5 example.com. A 93.184.216.34 ns: example.com. NS b.iana-servers.net., example.com. NS a.iana-servers.net. ar: a.iana-servers.net. AAAA 2001:500:8f::53, b.iana-servers.net. AAAA 2001:500:8d::53, a.iana-servers.net. A 199.43.135.53, b.iana-servers.net. A 199.43.133.53, . OPT UDPsize=4096 COOKIE (220)
+ 7 15:52:09.278001 IP6 (flowlabel 0xb5cae, hlim 64, next-header UDP (17) payload length: 75) ::1.45845 > ::1.53: [bad udp cksum 0x005e -> 0xcc5b!] 24578+ [1au] A? example.com. ar: . OPT UDPsize=4096 NSID ECS COOKIE (67)
+ 8 15:52:09.278215 IP6 (flowlabel 0x3e25d, hlim 64, next-header UDP (17) payload length: 239) ::1.53 > ::1.45845: [bad udp cksum 0x0102 -> 0xb15e!] 24578 q: A? example.com. 1/2/5 example.com. A 93.184.216.34 ns: example.com. NS a.iana-servers.net., example.com. NS b.iana-servers.net. ar: a.iana-servers.net. AAAA 2001:500:8f::53, b.iana-servers.net. AAAA 2001:500:8d::53, a.iana-servers.net. A 199.43.135.53, b.iana-servers.net. A 199.43.133.53, . OPT UDPsize=4096 COOKIE ECS (231)
+ 9 15:52:21.041837 IP6 (flowlabel 0xc2911, hlim 64, next-header UDP (17) payload length: 79) ::1.55361 > ::1.53: [bad udp cksum 0x0062 -> 0x13aa!] 11702+ [1au] A? example.com. ar: . OPT UDPsize=4096 NSID ECS COOKIE Opt16 (71)
+ 10 15:52:21.042080 IP6 (flowlabel 0x5d5a9, hlim 64, next-header UDP (17) payload length: 239) ::1.53 > ::1.55361: [bad udp cksum 0x0102 -> 0x966c!] 11702 q: A? example.com. 1/2/5 example.com. A 93.184.216.34 ns: example.com. NS a.iana-servers.net., example.com. NS b.iana-servers.net. ar: a.iana-servers.net. AAAA 2001:500:8f::53, b.iana-servers.net. AAAA 2001:500:8d::53, a.iana-servers.net. A 199.43.135.53, b.iana-servers.net. A 199.43.133.53, . OPT UDPsize=4096 COOKIE ECS (231)
--- /dev/null
+ 1 15:51:13.645135 IP6 ::1.39913 > ::1.53: 45044+ [1au] A? example.com. (40)
+ 2 15:51:13.645368 IP6 ::1.53 > ::1.39913: 45044 1/2/5 A 93.184.216.34 (192)
+ 3 15:51:41.824299 IP6 ::1.40241 > ::1.53: 25196+ [1au] A? example.com. (52)
+ 4 15:51:41.824510 IP6 ::1.53 > ::1.40241: 25196 1/2/5 A 93.184.216.34 (220)
+ 5 15:51:58.952626 IP6 ::1.52325 > ::1.53: 1171+ [1au] A? example.com. (56)
+ 6 15:51:58.952934 IP6 ::1.53 > ::1.52325: 1171 1/2/5 A 93.184.216.34 (220)
+ 7 15:52:09.278001 IP6 ::1.45845 > ::1.53: 24578+ [1au] A? example.com. (67)
+ 8 15:52:09.278215 IP6 ::1.53 > ::1.45845: 24578 1/2/5 A 93.184.216.34 (231)
+ 9 15:52:21.041837 IP6 ::1.55361 > ::1.53: 11702+ [1au] A? example.com. (71)
+ 10 15:52:21.042080 IP6 ::1.53 > ::1.55361: 11702 1/2/5 A 93.184.216.34 (231)
projects / tcpdump / commitdiff
