[Oisf-devel] Request adding response Format Error on dns decoder please

Mon Aug 18 20:05:52 UTC 2014

Hi,

First, Thx you Suricata devel team and OISF team and Community.

I'm currently testing dns decoder and I request a enhancement,

because when a dns "Response" with Format Error, dns decoder write on dns.log: "No Such Name"

Maybe replace by "Format Error" please ?

Tshark output response example:
  2 21:37:35.058567 192.168.0.1 -> 192.168.0.2 DNS 76 Standard query response 0xc162 Format error

and Suricata v2.1beta1 output:
  08/18/2014-21:37:35.057923 [**] Response TX c162 [**] No Such Name [**] 192.168.0.1:53 -> 192.168.0.2:47401

If you are ok, I'm open a new redmine ticket.

Regards
@Rmkml