mirror of
https://github.com/maride/pancap.git
synced 2024-11-22 08:54:24 +00:00
Add loop to analyze ethernet packets further; add basic DNS packet analyzer
This commit is contained in:
parent
187e80b972
commit
23afe01d76
50
src/ethernet/dns.go
Normal file
50
src/ethernet/dns.go
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
package ethernet
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/google/gopacket"
|
||||||
|
"github.com/google/gopacket/layers"
|
||||||
|
"log"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
numQuestions int
|
||||||
|
numAnswers int
|
||||||
|
)
|
||||||
|
|
||||||
|
// Called on every DNS packet
|
||||||
|
func processDNSPacket(packet gopacket.Packet) error {
|
||||||
|
var dnspacket layers.DNS
|
||||||
|
|
||||||
|
// Decode raw packet into DNS
|
||||||
|
decodeErr := dnspacket.DecodeFromBytes(packet.ApplicationLayer().LayerContents(), gopacket.NilDecodeFeedback)
|
||||||
|
if decodeErr != nil {
|
||||||
|
// Encountered an error during decoding, most likely a broken packet
|
||||||
|
return decodeErr
|
||||||
|
}
|
||||||
|
|
||||||
|
// Further process the packet
|
||||||
|
processDNSQuestion(dnspacket.Questions)
|
||||||
|
processDNSAnswers(dnspacket.Answers)
|
||||||
|
|
||||||
|
// No error encountered, return clean
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Called on every DNS packet to process questions
|
||||||
|
func processDNSQuestion(questions []layers.DNSQuestion) {
|
||||||
|
for _, _ = range questions {
|
||||||
|
numQuestions++
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Called on every DNS packet to process response(s)
|
||||||
|
func processDNSAnswers(answers []layers.DNSResourceRecord) {
|
||||||
|
for _, _ = range answers {
|
||||||
|
numAnswers++
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Print a summary after all packets were processed
|
||||||
|
func printDNSSummary() {
|
||||||
|
log.Printf("%d DNS Questions, %d DNS Answers in total", numQuestions, numAnswers)
|
||||||
|
}
|
||||||
@ -1,8 +1,42 @@
|
|||||||
package ethernet
|
package ethernet
|
||||||
|
|
||||||
import "github.com/google/gopacket"
|
import (
|
||||||
|
"github.com/google/gopacket"
|
||||||
|
"github.com/google/gopacket/layers"
|
||||||
|
"log"
|
||||||
|
)
|
||||||
|
|
||||||
func Analyze(source *gopacket.PacketSource) error {
|
func Analyze(source *gopacket.PacketSource) error {
|
||||||
// Dummy
|
// Loop over all packets now
|
||||||
|
for {
|
||||||
|
packet, packetErr := source.NextPacket()
|
||||||
|
if packet == nil {
|
||||||
|
// We iterated over all packets, we're done here
|
||||||
|
break
|
||||||
|
} else if packetErr != nil {
|
||||||
|
// encountered some problem, report it
|
||||||
|
log.Printf("Encountered a problem with a packet: %s", packetErr.Error())
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if we can do some Application Layer statistics with this packet
|
||||||
|
if packet.ApplicationLayer() != nil {
|
||||||
|
// We can, switch over the type
|
||||||
|
switch packet.ApplicationLayer().LayerType() {
|
||||||
|
case layers.LayerTypeDNS:
|
||||||
|
// Handle DNS packet
|
||||||
|
processDNSPacket(packet)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// After processing all packets, print summary
|
||||||
|
printSummary()
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Prints all the summaries.
|
||||||
|
func printSummary() {
|
||||||
|
printDNSSummary()
|
||||||
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user