[dns-operations] rejiggered dnscap command line arguments, V1.0-RC6 (October 2007)
Paul Vixie
paul at vix.com
Thu Oct 25 22:31:28 UTC 2007
one more thing (just added to dnscap anoncvs)...
-b Diagnostic output based on the -g option will be brief --
more like ncaptool and less like dig.
this is something joao wanted which i wasn't done with earlier today. the
output looks like this:
#sa:amd64# dnscap -g -b -c2
[126] 2007-10-25 22:25:44.909918 [#0 bge0 0] \
[193.0.0.193].53 [204.152.187.1].53 \
dns QUERY,NOERROR,11425,qr \
1 25.94.52.82.in-addr.arpa,IN,PTR 0 \
2 94.52.82.in-addr.arpa,IN,NS,43200,dnsti.interbusiness.it \
94.52.82.in-addr.arpa,IN,NS,43200,dnst3.interbusiness.it 0
[70] 2007-10-25 22:25:44.911683 [#1 bge0 0] \
[204.152.187.1].55864 [151.99.125.5].55864 \
dns QUERY,NOERROR,26296 \
1 25.94.52.82.in-addr.arpa,IN,PTR 0 0 0
#sa:amd64#
this is based on the next generation of dnscap that i've also been working on
(called "ncaptool"). the output format is intended to be read by a perl or
other script, which "dig"-like output doesn't make easy. format description:
> first there's a header, which has three subsections, opcode, rcode, flags.
> the next four are the qd/an/ns/ar sections beginning with a "count" of the
> number of records therein, followed by the records. each record has some
> subsections: name, class, type, ttl, and rdata. qd sections don't have ttl
> or rdata. for rdata we don't know how to print (basically anything but A,
> AAAA, NS, MX, PTR, SOA, and CNAME), it shows as [rdlen]. OPT is ugly but
> visible.
(perl's "shift" and "split" operators fell in love with all this, instantly.)
More information about the dns-operations
mailing list