[netsniff-ng] Re: [RFC 0/7] Add DNS proto header support

2017-02-23 Thread Tobias Klauser 
Hi Vadim

On 2017-02-21 at 16:35:12 +0100, Vadim Kochan  wrote:
> On Mon, Jan 30, 2017 at 10:33 AM, Vadim Kochan  wrote:
[...]
> > Vadim Kochan (7):
> >   trafgen: parser: Rename bytes -> mac
> >   trafgen: proto: Add 'len' parameter to *_set_bytes(...) functions
> >   trafgen: proto: Allow to set field with variable length
> >   trafgen: parser: Use proto_field_set_xxx where it is possible
> >   str: Add function for converting string into DNS name
> >   trafgen: l7: Add DNS header generation API
> >   trafgen: parser: Add syntax to generate DNS header
> >
> >  str.c|  37 +
> >  str.h|   1 +
> >  trafgen/Makefile |   1 +
> >  trafgen_l2.c |   6 +-
> >  trafgen_l4.c |  32 
> >  trafgen_l7.c | 175 +
> >  trafgen_l7.h |  45 +++
> >  trafgen_lexer.l  |  26 ++-
> >  trafgen_parser.y | 216 ---
> >  trafgen_proto.c  | 231 
> > +--
> >  trafgen_proto.h  |  23 +-
> >  11 files changed, 750 insertions(+), 43 deletions(-)
> >  create mode 100644 trafgen_l7.c
> >  create mode 100644 trafgen_l7.h
> >
> > --
> > 2.11.0
> >
> 
> Hi Tobias,
> 
> I am sorry for the reminder, just want clarify if you will continue to
> review this.

Sorry, I'm quite busy at the moment but haven't forgotten about your
series. I'll finish reviewing it once time allows...

Thanks
Tobias

-- 
You received this message because you are subscribed to the Google Groups 
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[netsniff-ng] Re: [RFC 0/7] Add DNS proto header support

2017-02-21 Thread Vadim Kochan 
On Mon, Jan 30, 2017 at 10:33 AM, Vadim Kochan  wrote:
> Add trafgen_l7.c module with DNS proto header generation with
> support of filling DNS query/answer/authority/additional sections
> as sub headers.
>
> Introcuded new concept as 'sub header' which is needed to easy handle
> DNS sections which might be added on-demand, and to simplify using
> sub-header as regular header with a fields, offset, etc. There is a
> parent header which contains array of pointers of sub-headers, and the
> array is ordered as they are located in the parent header. The
> sub-headers mostly encapsulated by the parent header which 'knows'
> the semantic of them. The new proto_hdr->push_sub_header(...) callback
> was added to tell the parent header to push the sub-header's fields,
> sub-header also may have proto_ops which must be filled by the parent.
> This sub-header concept might be used in the future if it will be needed
> to support DHCP, WLAN headers.
>
> There are 4 kinds of DNS sub-headers - query, answer, authority,
> additional. 'id' of each sub-header is used to only differentiate these
> types of sections. These sections have strict order inside DNS header,
> and there was added the proto_hdr_move_sub_header(...) to sort them in
> required order.
>
> Actually there are only 2 proto_hdr's which describes 4 DNS sections -
> query & rrecord, because rrecord covers another 3 - answer, auhority,
> additional which have the same layout.
>
> Add new syntax for DNS header generation via 'dns()' proto function.
>
> The fields are supported:
>
> id  - 16 bit identifier
> qr  - message is a query(0) or response(1)
> op|oper - specified kind of query
> aanswer - authoritative answer flag
> trunc   - message was truncated flag
> rdesired- recursion desired flag
> ravail  - recursion available flag
> zero- reserved for future use
> rcode   - response code
> qdcount - number of entries in question section
> ancount - number of entries in answer section
> nscount - number of entries in authority section
> arcount - number of entries in additional section
>
> Also there are functions to generate DNS sections:
>
> 'qry()' function to generate separate query entry:
>
> name- variable domain name
> type- type of the query
> class   - class of the query
>
> 'ans()', 'auth()', 'add'  functions to generate separate answer,
> authoritative, adidditional entry with the same fields layout:
>
> name- variable domain name
> type- resource record type
> class   - class of the data
> ttl - time interval that the record may be cached
> len - length of data
> data- variable length of bytes
>
> All the DNS section entries will be automaticlly sorted by DNS proto API
> in the way which is required by DNS header:
>
> query entries
> answer entries
> authoritative entries
> additional entries
>
> 'name' field in qry/ans/auth/add functions is automatically converted to
> FQDN format if it was specified as "string".
>
> There are also added functions to simplify the way of filling
> some often used RR types for using them inside ans/auth/add functions:
>
> addr(ipv4_addr | ipv6_addr) - fills the following RR fields:
> len  - 4 or 16 depends on IPv4 or IPv6 address was specified
> data - is filled with IPv4 or IPv6 address
> type - 1 for IPv4 address, 28 - for IPv6
>
> ns(string)
> type - 2
>
> cname(string)
> type - 5
>
> ptr(string)
> type - 12
>
> EXAMPLES:
>
> {
> dns(qr=1,
> auth(name="ns1", ns("ns1.org")),
> ans(name="www.google.com", cname("google.com")),
> auth(name="aa", ns("bb")),
> qry(name="www.google.com"))
> }
>
> {
> dns(qr=1, ans(name="www.google.com", addr(1.2.3.4)))
> }
>
> {
> dns(qr=1, ans(name="www.google.com", addr(1::)))
> }
>
> Vadim Kochan (7):
>   trafgen: parser: Rename bytes -> mac
>   trafgen: proto: Add 'len' parameter to *_set_bytes(...) functions
>   trafgen: proto: Allow to set field with variable length
>   trafgen: parser: Use proto_field_set_xxx where it is possible
>   str: Add function for converting string into DNS name
>   trafgen: l7: Add DNS header generation API
>   trafgen: parser: Add syntax to generate DNS header
>
>  str.c|  37 +
>  str.h|   1 +
>  trafgen/Makefile |   1 +
>  trafgen_l2.c |   6 +-
>  trafgen_l4.c |  32 
>  trafgen_l7.c | 175