def _dns_response(self, rec, payload, rev):
try:
from pldns import ldns # pylint: disable=E0611
if rev is True:
dns = ldns(payload)
if dns.is_ok():
if dns.is_response:
rec['dns_response_valid'] = True
except ImportError:
raise RuntimeError("python-libtrace is not installed! "
"Cannot dissect DNS!")
except ValueError:
pass # Wasn't a DNS payload
return not rec['dns_response_valid']
t.start()
n = 0; margin = ' '*7
for pkt in t:
n += 1 # Wireshark uses 1-org packet numbers
ip = pkt.ip
if not ip:
continue # Not IP
if ip.frag_offset != 0:
continue # Non-first fragment
udp = pkt.udp
if not udp:
continue # Not UDP
ldns_obj = pldns.ldns(udp.payload)
test_println("%5d: %s -> %s" % (n, udp.src_prefix, udp.dst_prefix), get_tag())
if not ldns_obj.is_ok():
test_println("%sCouldn't make ldns_obj, status = <%s>" % (
margin, ldns_obj.errorstr(ldns_obj.status)), get_tag())
continue
rk = 'query'
if ldns_obj.is_response:
rk = 'response'
test_println("%s%s, ident=%04x, opcode=%d (%s), rcode=%d (%s)" % (margin,
rk, ldns_obj.ident, ldns_obj.opcode, pldns.opcodestr(ldns_obj.opcode),
ldns_obj.rcode, pldns.rcodestr(ldns_obj.rcode)), get_tag())
q_rr_list = ldns_obj.query_rr_list
n += 1 # Wireshark uses 1-org packet numbers
ip = pkt.ip
if not ip:
continue # Not IP
if ip.frag_offset != 0:
continue # Non-first fragment
tcp = pkt.tcp
if not tcp:
continue # Not TCP
if not (tcp.src_port == 53 or tcp.dst_port == 53):
continue
payload = tcp.payload
if not payload:
continue
ldns_obj = pldns.ldns(payload)
test_println("%5d: %s -> %s" % (n, tcp.src_prefix, tcp.dst_prefix),
get_tag())
if not ldns_obj.is_ok():
test_println(
"%sCouldn't make ldns_obj, status = <%s>" %
(margin, ldns_obj.errorstr(ldns_obj.status)), get_tag())
continue
rk = 'query'
if ldns_obj.is_response:
rk = 'response'
test_println(
"%s%s, ident=%04x, opcode=%d (%s), rcode=%d (%s)" %
(margin, rk, ldns_obj.ident, ldns_obj.opcode,
n += 1 # Wireshark uses 1-org packet numbers
ip = pkt.ip
if not ip:
continue # Not IP
if ip.frag_offset != 0:
continue # Non-first fragment
tcp = pkt.tcp
if not tcp:
continue # Not TCP
if not (tcp.src_port == 53 or tcp.dst_port == 53):
continue
payload = tcp.payload
if not payload:
continue
ldns_obj = pldns.ldns(payload)
test_println("%5d: %s -> %s" % (n, tcp.src_prefix, tcp.dst_prefix), get_tag())
if not ldns_obj.is_ok():
test_println("%sCouldn't make ldns_obj, status = <%s>" % (
margin, ldns_obj.errorstr(ldns_obj.status)), get_tag())
continue
rk = 'query'
if ldns_obj.is_response:
rk = 'response'
test_println("%s%s, ident=%04x, opcode=%d (%s), rcode=%d (%s)" % (margin,
rk, ldns_obj.ident, ldns_obj.opcode, pldns.opcodestr(ldns_obj.opcode),
ldns_obj.rcode, pldns.rcodestr(ldns_obj.rcode)), get_tag())
q_rr_list = ldns_obj.query_rr_list