dnslogger

Passive dns sniffer. Provides dnslogger binary and a dns parser library.

Install

Before installing, make sure libpcap-dev is installed.

cargo install dnslogger --locked

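--locked makes cargo use the dependency versions pinned in the crate's Cargo.lock. To build from a source checkout instead: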

cargo build --release && cargo install --path .

Usage

$ dnslogger --help
dnslogger 0.1.3
Erik Ahlström 
Passive dns sniffer. Provides dnslogger binary and a dns parser library.

USAGE:
    dnslogger [FLAGS] [OPTIONS] [bpf_expression]

FLAGS:
    -h, --help       Prints help information
    -v, --verbose    Verbose mode (-v, -vv, -vvv, etc.)
    -V, --version    Prints version information

OPTIONS:
    -i             Listen on interface
    -o         Set output format [default: Text]  [possible values: Text, Json]
    -r             Read captured packets from pcap file

ARGS:
        Set capture filter [default: src port (53 or 5353 or 5355)]
$ dnslogger -r fixtures/dns/dns.pcap 
1112172466.496576  UDP     192.168.170.20:53 -> 192.168.170.8:32795     4146   Query/Response   NoError         q:|IN/TXT/google.com|                   a:|IN/270/TXT/google.com("v=spf1 ptr ?all")|
...
$ dnslogger -r fixtures/dns/dns.pcap -o json
{"ts":"1112172466.496576","proto":"UDP","src":"192.168.170.20","sport":53,"dest":"192.168.170.8","dport":32795,"qid":4146,"opcode":"Query","qr":"Response","rcode":"NoError","queries":[{"qclass":"IN","qtype":"TXT","qname":"google.com"}],"answers":[{"name":"google.com","rrtype":"TXT","rrclass":"IN","ttl":270,"rdata":{"TXT":{"len":15,"bytes":[118,61,115,112,102,49,32,112,116,114,32,63,97,108,108],"text":"v=spf1 ptr ?all"}}}],"nsrecords":[],"arecords":[]}
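The JSON output is one object per line, which makes it easy to fold into a passive DNS table of (name, rrtype, rdata) with first-seen and last-seen times. The script below is an added example, not part of dnslogger or its README; the function names are its own, and it assumes only the field names visible in the record above (rdata layouts other than TXT are not shown on this page, so they are serialised generically).

```python
import json
import sys

# RECORD is copied from the usage output above; the later duplicate and the
# truncated line are constructed here to exercise aggregation and error handling.
RECORD = '{"ts":"1112172466.496576","proto":"UDP","src":"192.168.170.20","sport":53,"dest":"192.168.170.8","dport":32795,"qid":4146,"opcode":"Query","qr":"Response","rcode":"NoError","queries":[{"qclass":"IN","qtype":"TXT","qname":"google.com"}],"answers":[{"name":"google.com","rrtype":"TXT","rrclass":"IN","ttl":270,"rdata":{"TXT":{"len":15,"bytes":[118,61,115,112,102,49,32,112,116,114,32,63,97,108,108],"text":"v=spf1 ptr ?all"}}}],"nsrecords":[],"arecords":[]}'
SAMPLE = [RECORD, RECORD.replace("1112172466.496576", "1112172500.000000"), RECORD[:80]]

def rdata_key(rdata):
    """Stable string for rdata. Only the TXT shape appears on the page; other
    record types are serialised generically (assumption about their layout)."""
    if isinstance(rdata, dict) and isinstance(rdata.get("TXT"), dict):
        return str(rdata["TXT"].get("text", ""))
    return json.dumps(rdata, sort_keys=True)

def build_pdns(lines):
    """Fold JSON lines into {(name, rrtype, rdata): stats}; return (table, skipped)."""
    table, skipped = {}, 0
    for line in lines:
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            ts = float(rec["ts"])
            if rec["qr"] != "Response" or rec["rcode"] != "NoError":
                continue  # only successful responses carry usable answers
            rows = [(a["name"].lower().rstrip("."), a["rrtype"],
                     rdata_key(a.get("rdata")), int(a["ttl"]), rec["src"])
                    for a in rec["answers"]]
        except (ValueError, KeyError, TypeError, AttributeError):
            skipped += 1  # malformed or truncated line: count it, keep going
            continue
        for name, rrtype, rdata, ttl, src in rows:
            e = table.setdefault((name, rrtype, rdata), {
                "first_seen": ts, "last_seen": ts, "count": 0,
                "max_ttl": ttl, "servers": set()})
            e["first_seen"] = min(e["first_seen"], ts)
            e["last_seen"] = max(e["last_seen"], ts)
            e["max_ttl"] = max(e["max_ttl"], ttl)
            e["count"] += 1
            e["servers"].add(src)  # which responders returned this answer
    return table, skipped

if __name__ == "__main__":
    # Pass a file of dnslogger JSON lines as argv[1]; falls back to SAMPLE.
    source = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    table, skipped = build_pdns(source)
    for (name, rrtype, rdata), e in sorted(table.items()):
        print(name, rrtype, repr(rdata), e["count"], e["first_seen"], e["last_seen"])
```

Lines that fail to parse are counted rather than aborting the run, so a capture cut off mid-record still yields a table.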

dnslogger's Issues

Fails to compile.

Sorry, I'm new to Rust, so I don't know how to fix this, or what information I should provide.

$ cargo install dnslogger
    Updating crates.io index
  Downloaded dnslogger v0.1.1
  Downloaded 1 crate (18.3 KB) in 1.47s
  Installing dnslogger v0.1.1
  Downloaded log v0.3.9
  Downloaded quote v0.6.13
  Downloaded rustc-serialize v0.3.24
  Downloaded unicode-xid v0.1.0
  Downloaded syn v0.15.44
  Downloaded proc-macro2 v0.4.30
  Downloaded glob v0.2.11
  Downloaded itoa v0.4.6
  Downloaded version_check v0.1.5
  Downloaded nom v4.2.3
  Downloaded serde_derive v1.0.112
  Downloaded env_logger v0.6.2
  Downloaded serde v1.0.112
  Downloaded syntex v0.42.2
  Downloaded term v0.4.6
  Downloaded syntex_errors v0.42.0
  Downloaded hex v0.3.2
  Downloaded structopt-derive v0.2.18
  Downloaded pnet_sys v0.22.0
  Downloaded pnet_base v0.22.0
  Downloaded pnet_base v0.26.0
  Downloaded pnet_macros_support v0.22.0
  Downloaded structopt v0.2.18
  Downloaded pnet_transport v0.22.0
  Downloaded ipnetwork v0.14.0
  Downloaded bitflags v0.5.0
  Downloaded syntex_pos v0.42.0
  Downloaded pnet_datalink v0.22.0
  Downloaded unicode-xid v0.0.3
  Downloaded pnet_macros v0.26.0
  Downloaded pnet v0.22.0
  Downloaded pnet_packet v0.22.0
  Downloaded syntex_syntax v0.42.0
  Downloaded 33 crates (1.1 MB) in 1.61s
   Compiling libc v0.2.71
   Compiling log v0.4.8
   Compiling cfg-if v0.1.10
   Compiling memchr v2.3.3
   Compiling rustc-serialize v0.3.24
   Compiling unicode-xid v0.0.3
   Compiling lazy_static v1.4.0
   Compiling term v0.4.6
   Compiling regex-syntax v0.6.18
   Compiling bitflags v0.5.0
   Compiling serde v1.0.112
   Compiling proc-macro2 v0.4.30
   Compiling unicode-xid v0.1.0
   Compiling glob v0.2.11
   Compiling proc-macro2 v1.0.18
   Compiling bitflags v1.2.1
   Compiling pnet_base v0.22.0
   Compiling pnet_base v0.26.0
   Compiling syn v0.15.44
   Compiling unicode-xid v0.2.0
   Compiling unicode-width v0.1.7
   Compiling unicode-segmentation v1.6.0
   Compiling ryu v1.0.5
   Compiling syn v1.0.31
   Compiling version_check v0.1.5
   Compiling serde_json v1.0.55
   Compiling quick-error v1.2.3
   Compiling vec_map v0.8.2
   Compiling pnet v0.22.0
   Compiling ansi_term v0.11.0
   Compiling pcap v0.7.0
   Compiling strsim v0.8.0
   Compiling itoa v0.4.6
   Compiling termcolor v1.1.0
   Compiling hex v0.3.2
   Compiling thread_local v1.0.1
   Compiling syntex_pos v0.42.0
   Compiling pnet_macros_support v0.22.0
   Compiling textwrap v0.11.0
   Compiling heck v0.3.1
   Compiling humantime v1.3.0
   Compiling nom v4.2.3
   Compiling log v0.3.9
   Compiling aho-corasick v0.7.10
   Compiling atty v0.2.14
   Compiling pnet_sys v0.22.0
   Compiling quote v0.6.13
   Compiling quote v1.0.7
   Compiling syntex_errors v0.42.0
   Compiling regex v1.3.9
   Compiling clap v2.33.1
   Compiling ipnetwork v0.14.0
   Compiling syntex_syntax v0.42.0
   Compiling env_logger v0.6.2
   Compiling pnet_datalink v0.22.0
   Compiling structopt-derive v0.2.18
   Compiling syntex v0.42.2
   Compiling pnet_macros v0.26.0
   Compiling serde_derive v1.0.112
   Compiling structopt v0.2.18
   Compiling pnet_packet v0.22.0
error[E0599]: no method named `to_primitive_values` found for struct `pnet_base::MacAddr` in the current scope
   --> /tmp/cargo-install6VcT6T/release/build/pnet_packet-c30accbe0b6da844/out/ethernet.rs:442:24
    |
442 |         let vals = val.to_primitive_values();
    |                        ^^^^^^^^^^^^^^^^^^^ method not found in `pnet_base::MacAddr`

error[E0599]: no method named `to_primitive_values` found for struct `pnet_base::MacAddr` in the current scope
   --> /tmp/cargo-install6VcT6T/release/build/pnet_packet-c30accbe0b6da844/out/ethernet.rs:499:24
    |
499 |         let vals = val.to_primitive_values();
    |                        ^^^^^^^^^^^^^^^^^^^ method not found in `pnet_base::MacAddr`

error[E0599]: no method named `to_primitive_values` found for struct `pnet_base::MacAddr` in the current scope
   --> /tmp/cargo-install6VcT6T/release/build/pnet_packet-c30accbe0b6da844/out/arp.rs:776:24
    |
776 |         let vals = val.to_primitive_values();
    |                        ^^^^^^^^^^^^^^^^^^^ method not found in `pnet_base::MacAddr`

error[E0599]: no method named `to_primitive_values` found for struct `pnet_base::MacAddr` in the current scope
   --> /tmp/cargo-install6VcT6T/release/build/pnet_packet-c30accbe0b6da844/out/arp.rs:874:24
    |
874 |         let vals = val.to_primitive_values();
    |                        ^^^^^^^^^^^^^^^^^^^ method not found in `pnet_base::MacAddr`

error: aborting due to 4 previous errors

For more information about this error, try `rustc --explain E0599`.
error: failed to compile `dnslogger v0.1.1`, intermediate artifacts can be found at `/tmp/cargo-install6VcT6T`

Caused by:
  could not compile `pnet_packet`.

To learn more, run the command again with --verbose.
