[−][src]Crate dnslogger
dnslogger
passive dns logger.
use pcap::{Capture, PacketHeader}; use pnet::packet::{ ethernet::{EtherTypes, EthernetPacket}, ip::IpNextHeaderProtocols, ipv4::Ipv4Packet, udp::UdpPacket, Packet, }; pub fn handle_packet(packet: &pcap::Packet) { let ethernet = EthernetPacket::new(packet.data).unwrap(); let resolve_all_resource_records = true; match ethernet.get_ethertype() { EtherTypes::Ipv4 => { let ipv4_packet = Ipv4Packet::new(ethernet.payload()).unwrap(); if let IpNextHeaderProtocols::Udp = ipv4_packet.get_next_level_protocol() { let udp_packet = UdpPacket::new(ipv4_packet.payload()).unwrap(); let (rest, dns_message) = dnslogger::parse::dns_message( udp_packet.payload(), resolve_all_resource_records ).unwrap(); println!("{:?}", dns_message); println!("{:02x?}", rest); } } _ => println!("unhandled packet: {:?}", ethernet), } }
Modules
parse |