Crates.io | dnslogger |
lib.rs | dnslogger |
version | 0.1.3 |
source | src |
created_at | 2019-01-12 17:55:41.955806 |
updated_at | 2020-09-27 19:04:29.258388 |
description | Passive dns sniffer. Provides dnslogger binary and a dns parser library. |
homepage | https://github.com/eahlstrom/dnslogger |
repository | https://github.com/eahlstrom/dnslogger |
max_upload_size | |
id | 108181 |
size | 82,698 |
Passive dns sniffer. Provides dnslogger binary and a dns parser library.
Before installing, make sure you have libpcap-dev installed.
cargo install dnslogger --locked
or
cargo build --release && cargo install --path .
$ dnslogger --help
dnslogger 0.1.3
Erik Ahlström
Passive dns sniffer. Provides dnslogger binary and a dns parser library.

USAGE:
    dnslogger [FLAGS] [OPTIONS] [bpf_expression]

FLAGS:
    -h, --help       Prints help information
    -v, --verbose    Verbose mode (-v, -vv, -vvv, etc.)
    -V, --version    Prints version information

OPTIONS:
    -i    Listen on interface
    -o    Set output format [default: Text] [possible values: Text, Json]
    -r    Read captured packets from pcap file

ARGS:
    Set capture filter [default: src port (53 or 5353 or 5355)]
$ dnslogger -r fixtures/dns/dns.pcap
1112172466.496576 UDP 192.168.170.20:53 -> 192.168.170.8:32795 4146 Query/Response NoError q:|IN/TXT/google.com| a:|IN/270/TXT/google.com("v=spf1 ptr ?all")|
...
$ dnslogger -r fixtures/dns/dns.pcap -o json
{"ts":"1112172466.496576","proto":"UDP","src":"192.168.170.20","sport":53,"dest":"192.168.170.8","dport":32795,"qid":4146,"opcode":"Query","qr":"Response","rcode":"NoError","queries":[{"qclass":"IN","qtype":"TXT","qname":"google.com"}],"answers":[{"name":"google.com","rrtype":"TXT","rrclass":"IN","ttl":270,"rdata":{"TXT":{"len":15,"bytes":[118,61,115,112,102,49,32,112,116,114,32,63,97,108,108],"text":"v=spf1 ptr ?all"}}}],"nsrecords":[],"arecords":[]}
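
Passive DNS data is usually stored as one row per observed record with first-seen and last-seen times. The following added example (not part of the dnslogger project) folds `-o json` lines like the one above into such a table; the function names, the second and third sample lines, and the handling of non-TXT rdata are assumptions.

```python
import json

# The JSON record shown above, as printed by `dnslogger -o json`.
PAGE_LINE = '{"ts":"1112172466.496576","proto":"UDP","src":"192.168.170.20","sport":53,"dest":"192.168.170.8","dport":32795,"qid":4146,"opcode":"Query","qr":"Response","rcode":"NoError","queries":[{"qclass":"IN","qtype":"TXT","qname":"google.com"}],"answers":[{"name":"google.com","rrtype":"TXT","rrclass":"IN","ttl":270,"rdata":{"TXT":{"len":15,"bytes":[118,61,115,112,102,49,32,112,116,114,32,63,97,108,108],"text":"v=spf1 ptr ?all"}}}],"nsrecords":[],"arecords":[]}'

# Constructed sample data: a later repeat of the same answer sent to another
# client, and a truncated line such as an interrupted write would leave.
_later = json.loads(PAGE_LINE)
_later.update(ts="1112172470.000000", dest="192.168.170.9")
SAMPLE = [PAGE_LINE, json.dumps(_later), '{"ts":"11121724']


def rdata_key(rdata):
    """Stable string for an answer's rdata. Only the TXT layout appears on
    the page; any other record type is kept as canonical JSON (assumption)."""
    txt = rdata.get("TXT") if isinstance(rdata, dict) else None
    if isinstance(txt, dict) and "text" in txt:
        return txt["text"]
    return json.dumps(rdata, sort_keys=True)


def build_pdns(lines):
    """Fold JSON lines into {(name, rrtype, rdata): first/last/count}.
    Returns the table and the number of lines that could not be used."""
    table, skipped = {}, 0
    for line in lines:
        try:
            rec = json.loads(line)
            ts = float(rec["ts"])
            if rec["qr"] != "Response" or rec["rcode"] != "NoError":
                continue  # only successful responses carry usable answers
            keys = [(a["name"].lower(), a["rrtype"], rdata_key(a["rdata"]))
                    for a in rec["answers"]]
        except (ValueError, KeyError, TypeError, AttributeError):
            skipped += 1  # malformed or truncated line: count it, move on
            continue
        for key in keys:
            row = table.setdefault(key, {"first": ts, "last": ts, "count": 0})
            row["first"] = min(row["first"], ts)
            row["last"] = max(row["last"], ts)
            row["count"] += 1
    return table, skipped


if __name__ == "__main__":
    pdns, bad = build_pdns(SAMPLE)
    for (name, rrtype, rdata), row in sorted(pdns.items()):
        print(name, rrtype, repr(rdata), row)
    print("unusable lines:", bad)
```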