Provided by: dnsjit_1.2.2-1_amd64
NAME
dnsjit.core.object.dns - Container of a DNS message
SYNOPSIS
Parse DNS header and check if query or response local dns = require("dnsjit.core.object.dns").new(payload) if dns:parse_header() == 0 then if dns.qr == 0 then print(dns.id, dns.opcode_tostring(dns.opcode)) else print(dns.id, dns.rcode_tostring(dns.rcode)) end end Print a DNS payload local dns = require("dnsjit.core.object.dns").new(payload) dns:print() Parse a DNS payload local dns = require("dnsjit.core.object.dns").new(payload) local qs, q_labels, rrs, rr_labels = dns:parse() if qs and q_labels then ... if rrs and rr_labels then ... end end
DESCRIPTION
The object that describes a DNS message. Attributes includes_dnslen If non-zero then this indicates that the DNS length is included in the payload (for example if the transport is TCP) and will affect parsing of it. have_dnslen Set if the dnslen was included in the payload and could be read. have_id Set if there is a DNS ID. have_qr Set if there is a QR flag. have_opcode Set if there is an OPCODE. have_aa Set if there is a AA flag. have_tc Set if there is a TC flag. have_rd Set if there is a RD flag. have_ra Set if there is a RA flag. have_z Set if there is a Z flag. have_ad Set if there is a AD flag. have_cd Set if there is a CD flag. have_rcode Set if there is a RCODE. have_qdcount Set if there is an QDCOUNT. have_ancount Set if there is an ANCOUNT. have_nscount Set if there is a NSCOUNT. have_arcount Set if there is an ARCOUNT. dnslen The DNS length found in the payload. id The DNS ID. qr The QR flag. opcode The OPCODE. aa The AA flag. tc The TC flag. rd The RD flag. ra The RA flag. z The Z flag. ad The AD flag. cd The CD flag. rcode The RCODE. qdcount The QDCOUNT. ancount The ANCOUNT. nscount The NSCOUNT. arcount The ARCOUNT. Constants The following tables exists for DNS parameters, taken from https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml on the 2016-12-09. CLASS, CLASS_STR, TYPE, TYPE_STR, OPCODE, OPCODE_STR, RCODE, RCODE_STR, AFSDB, AFSDB_STR, DHCID, DHCID_STR, ENDS0, ENDS0_STR The *_STR tables can be used to get a textual representation of the numbers, see also class_tostring(), type_tostring(), opcode_tostring(), rcode_tostring(), afsdb_tostring(), dhcid_tostring() and edns0_tostring(). Functions Dns.new(obj) Create a new DNS object, optionally on-top of another object. Dns:type() Return the textual type of the object. Dns:prev() Return the previous object. Dns:cast() Cast the object to the underlining object module and return it. Dns:uncast() Cast the object to the generic object module and return it. Dns:copy() Make a copy of the object and return it. Dns:free() Free the object, should only be used on copies or otherwise allocated. Dns:log() Return the Log object to control logging of this module. Dns:parse_header() Begin parsing the underlaying object, first the header is parsed then optionally continue calling parse_q() for the number of questions (see qdcount). After that continue calling parse_rr() for the number of answers, authorities and additionals resource records (see ancount, nscount and arcount). Returns 0 on success or negative integer on error which can be for malformed or truncated DNS (-2) or if more space for labels is needed (-3). Dns:parse_q(q, labels, num_labels) Parse the next resource record as a question. Returns 0 on success or negative integer on error which can be for malformed or truncated DNS (-2) or if more space for labels is needed (-3). Dns:parse_rr(rr, labels, num_labels) Parse the next resource record. Returns 0 on success or negative integer on error which can be for malformed or truncated DNS (-2) or if more space for labels is needed (-3). Dns:parse(num_labels) Begin parsing the underlaying object using parse_header(), parse_q() and parse_rr(). The optional num_labels can be used to set a specific number of labels used for each question and resource record (default 16). Returns result code, an array of questions, an array of question labels, an array of resource records and an array of resource records labels. Result code is 0 on success or negative integer on error which can be for malformed or truncated DNS (-2) or if more space for labels is needed (-3). Dns:print(num_labels) Begin parsing the underlaying object using parse_header(), parse_q() and parse_rr(), and print it's content. The optional num_labels can be used to set a specific number of labels used for each question and resource record (default 16). Dns.class_tostring(class) Return the textual name for a class. Dns.type_tostring(type) Return the textual name for a type. Dns.opcode_tostring(opcode) Return the textual name for an opcode. Dns.rcode_tostring(rcode) Return the textual name for a rcode. Dns.afsdb_tostring(afsdb) Return the textual name for an afsdb subtype. Dns.dhcid_tostring(dhcid) Return the textual name for a dhcid type. Dns.edns0_tostring(edns0) Return the textual name for an EDNS0 OPT record.
SEE ALSO
dnsjit.core.object(3), dnsjit.core.object.payload(3), dnsjit.core.object.dns.label(3), dnsjit.core.object.dns.q(3), dnsjit.core.object.dns.rr(3)
AUTHORS and CONTRIBUTORS
Jerry Lundström (DNS-OARC), Tomáš Křížek (CZ.NIC), Petr Špaček (ISC) Maintained by DNS-OARC https://www.dns-oarc.net/
BUGS
For issues and feature requests please use: https://github.com/DNS-OARC/dnsjit/issues For question and help please use: admin@dns-oarc.net