mirror of
https://github.com/maride/pancap.git
synced 2025-10-10 19:36:51 +00:00
Add loop to analyze ethernet packets further; add basic DNS packet analyzer
This commit is contained in:
parent
187e80b972
commit
23afe01d76
50
src/ethernet/dns.go
Normal file
50
src/ethernet/dns.go
Normal file
@ -0,0 +1,50 @@
|
||||
package ethernet
|
||||
|
||||
import (
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"log"
|
||||
)
|
||||
|
||||
var (
|
||||
numQuestions int
|
||||
numAnswers int
|
||||
)
|
||||
|
||||
// Called on every DNS packet
|
||||
func processDNSPacket(packet gopacket.Packet) error {
|
||||
var dnspacket layers.DNS
|
||||
|
||||
// Decode raw packet into DNS
|
||||
decodeErr := dnspacket.DecodeFromBytes(packet.ApplicationLayer().LayerContents(), gopacket.NilDecodeFeedback)
|
||||
if decodeErr != nil {
|
||||
// Encountered an error during decoding, most likely a broken packet
|
||||
return decodeErr
|
||||
}
|
||||
|
||||
// Further process the packet
|
||||
processDNSQuestion(dnspacket.Questions)
|
||||
processDNSAnswers(dnspacket.Answers)
|
||||
|
||||
// No error encountered, return clean
|
||||
return nil
|
||||
}
|
||||
|
||||
// Called on every DNS packet to process questions
|
||||
func processDNSQuestion(questions []layers.DNSQuestion) {
|
||||
for _, _ = range questions {
|
||||
numQuestions++
|
||||
}
|
||||
}
|
||||
|
||||
// Called on every DNS packet to process response(s)
|
||||
func processDNSAnswers(answers []layers.DNSResourceRecord) {
|
||||
for _, _ = range answers {
|
||||
numAnswers++
|
||||
}
|
||||
}
|
||||
|
||||
// Print a summary after all packets were processed
|
||||
func printDNSSummary() {
|
||||
log.Printf("%d DNS Questions, %d DNS Answers in total", numQuestions, numAnswers)
|
||||
}
|
||||
@ -1,8 +1,42 @@
|
||||
package ethernet
|
||||
|
||||
import "github.com/google/gopacket"
|
||||
import (
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"log"
|
||||
)
|
||||
|
||||
func Analyze(source *gopacket.PacketSource) error {
|
||||
// Dummy
|
||||
// Loop over all packets now
|
||||
for {
|
||||
packet, packetErr := source.NextPacket()
|
||||
if packet == nil {
|
||||
// We iterated over all packets, we're done here
|
||||
break
|
||||
} else if packetErr != nil {
|
||||
// encountered some problem, report it
|
||||
log.Printf("Encountered a problem with a packet: %s", packetErr.Error())
|
||||
continue
|
||||
}
|
||||
|
||||
// Check if we can do some Application Layer statistics with this packet
|
||||
if packet.ApplicationLayer() != nil {
|
||||
// We can, switch over the type
|
||||
switch packet.ApplicationLayer().LayerType() {
|
||||
case layers.LayerTypeDNS:
|
||||
// Handle DNS packet
|
||||
processDNSPacket(packet)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// After processing all packets, print summary
|
||||
printSummary()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Prints all the summaries.
|
||||
func printSummary() {
|
||||
printDNSSummary()
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user