[dns-operations] can you suggest dns test/log tool
Sebastian E. Castro Avila
secastro at nic.cl
Thu Aug 10 22:04:10 UTC 2006
On Thu, 10 Aug 2006 17:40:51 -0400, william(at)elan.net <william at elan.net>
wrote:
>
> On Thu, 10 Aug 2006, Florian Weimer wrote:
>
>> * william elan net:
>>
>>> I'm using tethereal right now, it provides some info but not dns query
>>> flags. So what I need would have to be protocol-aware and also I need
>>> it to support both UDP and TCP.
>>
>> Huh? tethereal -V does not display query flags? Mine does:
>
> Not quite the format I'm looking for, but ok I'll write a
> filter to get it into something log-parser friendly.
> And I guess Paul Vixie and John Kristoff are right - if I have to
> parse it further I might as well just do it directly from tcpdump.
> Thanks everyone.
Maybe you should try the "-T pdml" option, which generates a kind of XML
output that is easier to parse.
I used that one to analyze lots of packets preparing for the presentation
given at DNS-Ops meeting last June.
Later I moved to a binary parser of the capture file, because the solution
using XML doesn't scale (too much time, too much memory).
Another option could be to use the code from dnstop (thanks Duane) to
disassemble the packets and then do whatever you want.
My two "pesos" ;-)
Kind Regards
--
Sebastian E. Castro Avila sebastian at nic.cl
Administrador de DNS, NIC Chile
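
An added example, not part of the original thread: a minimal binary parser that turns a DNS message into one log-parser-friendly line with the header flags, and splits a TCP stream on its 2-byte length prefix. The function names are hypothetical, the sample packet is constructed, and the input is assumed to be the DNS payload already extracted from the capture (with TCP segments reassembled).

```python
import struct

# Constructed sample: query for example.com, type A, ID 0x1a2b, RD set.
SAMPLE_QUERY = (b"\x1a\x2b\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
                b"\x07example\x03com\x00\x00\x01\x00\x01")
FLAG_BITS = [("QR", 0x8000), ("AA", 0x0400), ("TC", 0x0200), ("RD", 0x0100),
             ("RA", 0x0080), ("AD", 0x0020), ("CD", 0x0010)]

def read_qname(msg, off):
    """Read the question name at off; return (name, offset after it)."""
    labels = []
    while off < len(msg):
        n, off = msg[off], off + 1
        if n == 0:
            return ".".join(labels) or ".", off
        if n & 0xC0 or off + n > len(msg):
            raise ValueError("bad label in question")
        # Escape dots, backslashes and non-printables so names cannot inject log fields.
        labels.append("".join(
            chr(b) if 0x21 <= b <= 0x7E and b not in b".\\" else "\\%03d" % b
            for b in msg[off:off + n]))
        off += n
    raise ValueError("truncated name")

def dns_log_line(msg):
    """Format one DNS message (a UDP payload) as a single key=value line."""
    if len(msg) < 12:
        raise ValueError("short DNS header")
    ident, flags, qdcount = struct.unpack("!HHH", msg[:6])
    names = ",".join(name for name, bit in FLAG_BITS if flags & bit) or "-"
    line = "id=%d opcode=%d rcode=%d flags=%s" % (
        ident, (flags >> 11) & 0xF, flags & 0xF, names)
    if qdcount:
        qname, off = read_qname(msg, 12)
        if off + 4 > len(msg):
            raise ValueError("truncated question")
        line += " qname=%s qtype=%d qclass=%d" % (
            (qname,) + struct.unpack("!HH", msg[off:off + 4]))
    return line

def split_tcp_stream(data):
    """Split a reassembled TCP payload into DNS messages (2-byte length prefix)."""
    off = 0
    while off + 2 <= len(data):
        (n,) = struct.unpack("!H", data[off:off + 2])
        if off + 2 + n > len(data):
            break  # incomplete final message, wait for more data
        yield data[off + 2:off + 2 + n]
        off += 2 + n
```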