osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

dns: add filters for retransmitted and unsolicited packets. 

Change-Id: I1af293a9dc53869858dafc5921792aa3fbbfe766
Reviewed-on: https://code.wireshark.org/review/26536
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This commit is contained in:
Dario Lombardo 2018-03-18 17:55:08 +01:00 committed by Alexis La Goutte
parent 9a864b6e64
commit 6cff9f0720
2 changed files with 29 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docbook/release-notes.asciidoc
View File

@ -87,6 +87,7 @@ since version 2.4.0:
* The Windows installers and packages now ship with Qt 5.9.4.
* The generic data dissector can now uncompress zlib compressed data.
* Dns Stats now support service-level stats.
* Dns filters for retransmissions and unsolicited responses have been added.
//=== Removed Dissectors

29
epan/dissectors/packet-dns.c
View File

@ -340,9 +340,11 @@ static int hf_dns_tsig_other_len = -1;
static int hf_dns_tsig_other_data = -1;
static int hf_dns_response_in = -1;
static int hf_dns_response_to = -1;
static int hf_dns_retransmission = -1;
static int hf_dns_retransmit_request_in = -1;
static int hf_dns_retransmit_response_in = -1;
static int hf_dns_time = -1;
static int hf_dns_unsolicited = -1;
static int hf_dns_sshfp_algorithm = -1;
static int hf_dns_sshfp_fingerprint_type = -1;
static int hf_dns_sshfp_fingerprint = -1;
@ -3943,6 +3945,11 @@ dissect_dns_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
it=proto_tree_add_uint(dns_tree, hf_dns_retransmit_request_in, tvb, 0, 0, dns_trans->req_frame);
PROTO_ITEM_SET_GENERATED(it);
if (!pinfo->flags.in_error_pkt) {
it=proto_tree_add_boolean(dns_tree, hf_dns_retransmission, tvb, 0, 0, TRUE);
PROTO_ITEM_SET_GENERATED(it);
}
} else if (dns_trans->rep_frame) {
it=proto_tree_add_uint(dns_tree, hf_dns_response_in, tvb, 0, 0, dns_trans->rep_frame);
@ -3950,13 +3957,18 @@ dissect_dns_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
}
} else {
/* This is a reply */
proto_item *it;
if (dns_trans->req_frame) {
proto_item *it;
if ((retransmission) && (dns_trans->rep_frame)) {
expert_add_info_format(pinfo, transaction_item, &ei_dns_retransmit_response, "DNS response retransmission. Original response in frame %d", dns_trans->rep_frame);
it=proto_tree_add_uint(dns_tree, hf_dns_retransmit_response_in, tvb, 0, 0, dns_trans->rep_frame);
PROTO_ITEM_SET_GENERATED(it);
if (!pinfo->flags.in_error_pkt) {
it=proto_tree_add_boolean(dns_tree, hf_dns_retransmission, tvb, 0, 0, TRUE);
PROTO_ITEM_SET_GENERATED(it);
}
} else {
it=proto_tree_add_uint(dns_tree, hf_dns_response_to, tvb, 0, 0, dns_trans->req_frame);
PROTO_ITEM_SET_GENERATED(it);
@ -3965,6 +3977,11 @@ dissect_dns_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
it=proto_tree_add_time(dns_tree, hf_dns_time, tvb, 0, 0, &delta);
PROTO_ITEM_SET_GENERATED(it);
}
} else {
if (!retransmission) {
it=proto_tree_add_boolean(dns_tree, hf_dns_unsolicited, tvb, 0, 0, TRUE);
PROTO_ITEM_SET_GENERATED(it);
}
}
}
@ -5342,6 +5359,11 @@ proto_register_dns(void)
FT_FRAMENUM, BASE_NONE, FRAMENUM_TYPE(FT_FRAMENUM_REQUEST), 0x0,
"This is a response to the DNS query in this frame", HFILL }},
{ &hf_dns_retransmission,
{ "Retransmission", "dns.retransmission",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"This is a retransmission", HFILL }},
{ &hf_dns_retransmit_request_in,
{ "Retransmitted request. Original request in", "dns.retransmit_request_in",
FT_FRAMENUM, BASE_NONE, NULL, 0x0,
@ -5357,6 +5379,11 @@ proto_register_dns(void)
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"The time between the Query and the Response", HFILL }},
{ &hf_dns_unsolicited,
{ "Unsolicited", "dns.unsolicited",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"This is an unsolicited response", HFILL }},
{ &hf_dns_count_add_rr,
{ "Additional RRs", "dns.count.add_rr",
FT_UINT16, BASE_DEC, NULL, 0x0,