Add trafgen_l7.c module with DNS proto header generation with support of filling DNS query/answer/authority/additional sections as sub headers.
Introcuded new concept as 'sub header' which is needed to easy handle DNS sections which might be added on-demand, and to simplify using sub-header as regular header with a fields, offset, etc. There is a parent header which contains array of pointers of sub-headers, and the array is ordered as they are located in the parent header. The sub-headers mostly encapsulated by the parent header which 'knows' the semantic of them. The new proto_hdr->push_sub_header(...) callback was added to tell the parent header to push the sub-header's fields, sub-header also may have proto_ops which must be filled by the parent. This sub-header concept might be used in the future if it will be needed to support DHCP, WLAN headers. There are 4 kinds of DNS sub-headers - query, answer, authority, additional. 'id' of each sub-header is used to only differentiate these types of sections. These sections have strict order inside DNS header, and there was added the proto_hdr_move_sub_header(...) to sort them in required order. Actually there are only 2 proto_hdr's which describes 4 DNS sections - query & rrecord, because rrecord covers another 3 - answer, auhority, additional which have the same layout. Add new syntax for DNS header generation via 'dns()' proto function. The fields are supported: id - 16 bit identifier qr - message is a query(0) or response(1) op|oper - specified kind of query aanswer - authoritative answer flag trunc - message was truncated flag rdesired - recursion desired flag ravail - recursion available flag zero - reserved for future use rcode - response code qdcount - number of entries in question section ancount - number of entries in answer section nscount - number of entries in authority section arcount - number of entries in additional section Also there are functions to generate DNS sections: 'qry()' function to generate separate query entry: name - variable domain name type - type of the query class - class of the query 'ans()', 'auth()', 'add' functions to generate separate answer, authoritative, adidditional entry with the same fields layout: name - variable domain name type - resource record type class - class of the data ttl - time interval that the record may be cached len - length of data data - variable length of bytes All the DNS section entries will be automaticlly sorted by DNS proto API in the way which is required by DNS header: query entries answer entries authoritative entries additional entries 'name' field in qry/ans/auth/add functions is automatically converted to FQDN format if it was specified as "string". There are also added functions to simplify the way of filling some often used RR types for using them inside ans/auth/add functions: addr(ipv4_addr | ipv6_addr) - fills the following RR fields: len - 4 or 16 depends on IPv4 or IPv6 address was specified data - is filled with IPv4 or IPv6 address type - 1 for IPv4 address, 28 - for IPv6 ns(string) type - 2 cname(string) type - 5 ptr(string) type - 12 EXAMPLES: { dns(qr=1, auth(name="ns1", ns("ns1.org")), ans(name="www.google.com", cname("google.com")), auth(name="aa", ns("bb")), qry(name="www.google.com")) } { dns(qr=1, ans(name="www.google.com", addr(1.2.3.4))) } { dns(qr=1, ans(name="www.google.com", addr(1::))) } RFC -> PATCH: 1) Removed empty lines after 'break' in switch blocks 2) Use xmemdupz instead malloc + memcpy 3) Squash commit with 'len' parameter 4) Do not change 'index' field in proto_hdr struct to 'int. Vadim Kochan (4): trafgen: proto: Allow to set field with variable length str: Add function for converting string into DNS name trafgen: l7: Add DNS header generation API trafgen: parser: Add syntax to generate DNS header str.c | 37 +++++++++ str.h | 1 + trafgen/Makefile | 1 + trafgen_l2.c | 6 +- trafgen_l4.c | 32 ++++++++ trafgen_l7.c | 170 +++++++++++++++++++++++++++++++++++++++++ trafgen_l7.h | 45 +++++++++++ trafgen_lexer.l | 24 ++++++ trafgen_parser.y | 197 ++++++++++++++++++++++++++++++++++++++++++++++- trafgen_proto.c | 229 ++++++++++++++++++++++++++++++++++++++++++++++++------- trafgen_proto.h | 22 +++++- 11 files changed, 730 insertions(+), 34 deletions(-) create mode 100644 trafgen_l7.c create mode 100644 trafgen_l7.h -- 2.12.1 -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.