pom-ng:proto:dns
This is an old revision of the document!
Table of Contents
Protocol dns
This module parses DNS connections as defined in RFC 1035 and others.
Events
| Name | Payload associated | Description |
|---|---|---|
| dns_record | no | Contains all the information about a DNS record from the reply of a server. |
dns_record
This event is generated for each record seen in a DNS reply.
| Field | Type | Description |
|---|---|---|
| name | string | Name of the record. |
| ttl | uint32 | Time to live. |
| type | uint16 | Record type. |
| class | uint16 | Record class. |
| values | see below | Values of the RR. |
Depending on the RR type, multiple values are available :
| RR Type | Value | Type | Description |
|---|---|---|---|
| A | a | ipv4 | IPv4 address of the A record. |
| AAAA | aaaa | ipv6 | IPv6 address of the AAAA record. |
| CNAME | cname | string | Canonical name. |
| PTR | ptr | string | Pointer name. |
| MX | mx_pref | uint16 | MX preference. |
| mx | string | Mail exchange server. |
Packet fields
| Name | Type | Description |
|---|---|---|
| id | uint16 | ID. |
| response | bool | True is this is a response from a server. False otherwise. |
| rcode | uint8 | Response code. |
| qdcount | uint16 | Question count. |
| ancount | uint16 | Answer count. |
| nscount | uint16 | Name server count. |
| arcount | uint16 | Additional record count. |
Parameters
None.
pom-ng/proto/dns.1351896667.txt.gz · Last modified: (external edit)