[Oisf-devel] RFC: DNS app layer and logging (WIP)
Peter Manev
petermanev at gmail.com
Wed Apr 24 00:10:01 UTC 2013
Nice -
04/24/2013-02:02:55.949132 [**] Response TX c840 [**] daisy.ubuntu.com
[**] A [**] TTL 143 [**] 91.189.95.54 [**] 192.168.1.1:53 ->
192.168.1.131:41876
04/24/2013-02:02:55.949132 [**] Response TX c840 [**] daisy.ubuntu.com
[**] A [**] TTL 143 [**] 91.189.95.55 [**] 192.168.1.1:53 ->
192.168.1.131:41876
04/24/2013-02:04:13.616403 [**] Query TX d9bb [**] www.abc.com [**] A
[**] 192.168.1.131:36272 -> 8.8.8.8:53
04/24/2013-02:04:13.616403 [**] Response TX d9bb [**] www.abc.com [**]
CNAME [**] TTL 125 [**] abc.com [**] 8.8.8.8:53 -> 192.168.1.131:36272
04/24/2013-02:04:13.616403 [**] Response TX d9bb [**] abc.com [**] A
[**] TTL 125 [**] 199.181.132.250 [**] 8.8.8.8:53 ->
192.168.1.131:36272
04/24/2013-02:05:09.099575 [**] Query TX 0cbd [**] www.abc.com [**] A
[**] 192.168.1.131:41897 -> 8.8.8.8:53
04/24/2013-02:05:09.099575 [**] Response TX 0cbd [**] www.abc.com [**]
CNAME [**] TTL 70 [**] abc.com [**] 8.8.8.8:53 -> 192.168.1.131:41897
04/24/2013-02:05:09.099575 [**] Response TX 0cbd [**] abc.com [**] A
[**] TTL 70 [**] 199.181.132.250 [**] 8.8.8.8:53 ->
192.168.1.131:41897
04/24/2013-02:05:09.961158 [**] Query TX d655 [**] www.abc.com [**] A
[**] 192.168.1.131:49242 -> 8.8.8.8:53
I'll be testing some more ...with rules ...
Thanks
--
Regards,
Peter Manev
More information about the Oisf-devel
mailing list