DNS: Add two test files (over TCP and over UDP)

author: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> 2020-06-10 11:44:10 +0200
committer: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> 2020-06-10 11:50:32 +0200
commit: 403ae5774ba79909da85efebec754a2c82b24053 (patch)
tree: cdcbf9d5562bd9ef667cd8d369c28d0f72535345 /tests
parent: eaa6900996c0055969eb6f12ecb642d4579c07ed (diff)
download: tcpdump-403ae5774ba79909da85efebec754a2c82b24053.tar.gz
11 files changed, 101 insertions, 0 deletions
diff --git a/tests/TESTLIST b/tests/TESTLIST
index a023709d..7566f63d 100644
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -260,6 +260,16 @@ nflog-e nflog.pcap nflog-e.out -e
 # syslog test case
 syslog-v	syslog_udp.pcap		syslog-v.out		-v
 
+# DNS test cases
+dns_tcp dns_tcp.pcap dns_tcp.out
+dns_tcp-v dns_tcp.pcap dns_tcp-v.out -v
+dns_tcp-vv dns_tcp.pcap dns_tcp-vv.out -vv
+dns_tcp-vvv dns_tcp.pcap dns_tcp-vvv.out -vvv
+dns_udp dns_udp.pcap dns_udp.out
+dns_udp-v dns_udp.pcap dns_udp-v.out -v
+dns_udp-vv dns_udp.pcap dns_udp-vv.out -vv
+dns_udp-vvv dns_udp.pcap dns_udp-vvv.out -vvv
+
 # DNS on non-standard ports.
 dns_tcp_8053 dns_tcp_8053.pcap dns_tcp_8053.out -vv
 dns_tcp_8053-T dns_tcp_8053.pcap dns_tcp_8053-T.out -vv -T domain
diff --git a/tests/dns_tcp-v.out b/tests/dns_tcp-v.out
new file mode 100644
index 00000000..c94e4702
--- /dev/null
+++ b/tests/dns_tcp-v.out
@@ -0,0 +1,22 @@
+    1  09:21:03.720289 IP (tos 0x0, ttl 64, id 39720, offset 0, flags [DF], proto TCP (6), length 60)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [S], cksum 0x0c41 (correct), seq 603899916, win 64240, options [mss 1460,sackOK,TS val 2044906138 ecr 0,nop,wscale 7], length 0
+    2  09:21:03.846908 IP (tos 0x0, ttl 128, id 46, offset 0, flags [none], proto TCP (6), length 44)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [S.], cksum 0xdded (correct), seq 2043824403, ack 603899917, win 64240, options [mss 1460], length 0
+    3  09:21:03.847060 IP (tos 0x0, ttl 64, id 39721, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf5aa (correct), ack 1, win 64240, length 0
+    4  09:21:03.847323 IP (tos 0x0, ttl 64, id 39722, offset 0, flags [DF], proto TCP (6), length 98)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [P.], cksum 0x7796 (correct), seq 1:59, ack 1, win 64240, length 58 17177+ [1au] A? www.tcpdump.org. (56)
+    5  09:21:03.847457 IP (tos 0x0, ttl 128, id 47, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [.], cksum 0xf570 (correct), ack 59, win 64240, length 0
+    6  09:21:03.973180 IP (tos 0x0, ttl 128, id 48, offset 0, flags [none], proto TCP (6), length 266)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [P.], cksum 0x080a (correct), seq 1:227, ack 59, win 64240, length 226 17177*- 2/2/5 www.tcpdump.org. A 192.139.46.66, www.tcpdump.org. A 198.199.88.104 (224)
+    7  09:21:03.973220 IP (tos 0x0, ttl 64, id 39723, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf570 (correct), ack 227, win 64014, length 0
+    8  09:21:03.974844 IP (tos 0x0, ttl 64, id 39724, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [F.], cksum 0xf56f (correct), seq 59, ack 227, win 64014, length 0
+    9  09:21:03.975246 IP (tos 0x0, ttl 128, id 49, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [.], cksum 0xf48e (correct), ack 60, win 64239, length 0
+   10  09:21:04.101184 IP (tos 0x0, ttl 128, id 50, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [FP.], cksum 0xf485 (correct), seq 227, ack 60, win 64239, length 0
+   11  09:21:04.101256 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf56e (correct), ack 228, win 64014, length 0
diff --git a/tests/dns_tcp-vv.out b/tests/dns_tcp-vv.out
new file mode 100644
index 00000000..307a7a84
--- /dev/null
+++ b/tests/dns_tcp-vv.out
@@ -0,0 +1,22 @@
+    1  09:21:03.720289 IP (tos 0x0, ttl 64, id 39720, offset 0, flags [DF], proto TCP (6), length 60)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [S], cksum 0x0c41 (correct), seq 603899916, win 64240, options [mss 1460,sackOK,TS val 2044906138 ecr 0,nop,wscale 7], length 0
+    2  09:21:03.846908 IP (tos 0x0, ttl 128, id 46, offset 0, flags [none], proto TCP (6), length 44)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [S.], cksum 0xdded (correct), seq 2043824403, ack 603899917, win 64240, options [mss 1460], length 0
+    3  09:21:03.847060 IP (tos 0x0, ttl 64, id 39721, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf5aa (correct), seq 1, ack 1, win 64240, length 0
+    4  09:21:03.847323 IP (tos 0x0, ttl 64, id 39722, offset 0, flags [DF], proto TCP (6), length 98)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [P.], cksum 0x7796 (correct), seq 1:59, ack 1, win 64240, length 58 17177+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 [COOKIE 8f06be7d691442f0] (56)
+    5  09:21:03.847457 IP (tos 0x0, ttl 128, id 47, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [.], cksum 0xf570 (correct), seq 1, ack 59, win 64240, length 0
+    6  09:21:03.973180 IP (tos 0x0, ttl 128, id 48, offset 0, flags [none], proto TCP (6), length 266)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [P.], cksum 0x080a (correct), seq 1:227, ack 59, win 64240, length 226 17177*- q: A? www.tcpdump.org. 2/2/5 www.tcpdump.org. A 192.139.46.66, www.tcpdump.org. A 198.199.88.104 ns: tcpdump.org. NS nic.sandelman.ca., tcpdump.org. NS sns.cooperix.net. ar: nic.sandelman.ca. A 209.87.249.18, nic.sandelman.ca. AAAA 2607:f0b0:f::babe:f00d, sns.cooperix.net. A 97.107.133.15, sns.cooperix.net. AAAA 2600:3c03::f03c:91ff:fe96:e8ef, . OPT UDPsize=4096 (224)
+    7  09:21:03.973220 IP (tos 0x0, ttl 64, id 39723, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf570 (correct), seq 59, ack 227, win 64014, length 0
+    8  09:21:03.974844 IP (tos 0x0, ttl 64, id 39724, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [F.], cksum 0xf56f (correct), seq 59, ack 227, win 64014, length 0
+    9  09:21:03.975246 IP (tos 0x0, ttl 128, id 49, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [.], cksum 0xf48e (correct), seq 227, ack 60, win 64239, length 0
+   10  09:21:04.101184 IP (tos 0x0, ttl 128, id 50, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [FP.], cksum 0xf485 (correct), seq 227, ack 60, win 64239, length 0
+   11  09:21:04.101256 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf56e (correct), seq 60, ack 228, win 64014, length 0
diff --git a/tests/dns_tcp-vvv.out b/tests/dns_tcp-vvv.out
new file mode 100644
index 00000000..3772d2b8
--- /dev/null
+++ b/tests/dns_tcp-vvv.out
@@ -0,0 +1,22 @@
+    1  09:21:03.720289 IP (tos 0x0, ttl 64, id 39720, offset 0, flags [DF], proto TCP (6), length 60)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [S], cksum 0x0c41 (correct), seq 603899916, win 64240, options [mss 1460,sackOK,TS val 2044906138 ecr 0,nop,wscale 7], length 0
+    2  09:21:03.846908 IP (tos 0x0, ttl 128, id 46, offset 0, flags [none], proto TCP (6), length 44)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [S.], cksum 0xdded (correct), seq 2043824403, ack 603899917, win 64240, options [mss 1460], length 0
+    3  09:21:03.847060 IP (tos 0x0, ttl 64, id 39721, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf5aa (correct), seq 1, ack 1, win 64240, length 0
+    4  09:21:03.847323 IP (tos 0x0, ttl 64, id 39722, offset 0, flags [DF], proto TCP (6), length 98)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [P.], cksum 0x7796 (correct), seq 1:59, ack 1, win 64240, length 58 17177+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 [COOKIE 8f06be7d691442f0] (56)
+    5  09:21:03.847457 IP (tos 0x0, ttl 128, id 47, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [.], cksum 0xf570 (correct), seq 1, ack 59, win 64240, length 0
+    6  09:21:03.973180 IP (tos 0x0, ttl 128, id 48, offset 0, flags [none], proto TCP (6), length 266)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [P.], cksum 0x080a (correct), seq 1:227, ack 59, win 64240, length 226 17177*- q: A? www.tcpdump.org. 2/2/5 www.tcpdump.org. [1m] A 192.139.46.66, www.tcpdump.org. [1m] A 198.199.88.104 ns: tcpdump.org. [1d] NS nic.sandelman.ca., tcpdump.org. [1d] NS sns.cooperix.net. ar: nic.sandelman.ca. [5m] A 209.87.249.18, nic.sandelman.ca. [5m] AAAA 2607:f0b0:f::babe:f00d, sns.cooperix.net. [2h] A 97.107.133.15, sns.cooperix.net. [2h] AAAA 2600:3c03::f03c:91ff:fe96:e8ef, . OPT UDPsize=4096 (224)
+    7  09:21:03.973220 IP (tos 0x0, ttl 64, id 39723, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf570 (correct), seq 59, ack 227, win 64014, length 0
+    8  09:21:03.974844 IP (tos 0x0, ttl 64, id 39724, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [F.], cksum 0xf56f (correct), seq 59, ack 227, win 64014, length 0
+    9  09:21:03.975246 IP (tos 0x0, ttl 128, id 49, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [.], cksum 0xf48e (correct), seq 227, ack 60, win 64239, length 0
+   10  09:21:04.101184 IP (tos 0x0, ttl 128, id 50, offset 0, flags [none], proto TCP (6), length 40)
+    209.87.249.18.53 > 192.168.1.11.33779: Flags [FP.], cksum 0xf485 (correct), seq 227, ack 60, win 64239, length 0
+   11  09:21:04.101256 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
+    192.168.1.11.33779 > 209.87.249.18.53: Flags [.], cksum 0xf56e (correct), seq 60, ack 228, win 64014, length 0
diff --git a/tests/dns_tcp.out b/tests/dns_tcp.out
new file mode 100644
index 00000000..7d240cd8
--- /dev/null
+++ b/tests/dns_tcp.out
@@ -0,0 +1,11 @@
+    1  09:21:03.720289 IP 192.168.1.11.33779 > 209.87.249.18.53: Flags [S], seq 603899916, win 64240, options [mss 1460,sackOK,TS val 2044906138 ecr 0,nop,wscale 7], length 0
+    2  09:21:03.846908 IP 209.87.249.18.53 > 192.168.1.11.33779: Flags [S.], seq 2043824403, ack 603899917, win 64240, options [mss 1460], length 0
+    3  09:21:03.847060 IP 192.168.1.11.33779 > 209.87.249.18.53: Flags [.], ack 1, win 64240, length 0
+    4  09:21:03.847323 IP 192.168.1.11.33779 > 209.87.249.18.53: Flags [P.], seq 1:59, ack 1, win 64240, length 58 17177+ [1au] A? www.tcpdump.org. (56)
+    5  09:21:03.847457 IP 209.87.249.18.53 > 192.168.1.11.33779: Flags [.], ack 59, win 64240, length 0
+    6  09:21:03.973180 IP 209.87.249.18.53 > 192.168.1.11.33779: Flags [P.], seq 1:227, ack 59, win 64240, length 226 17177*- 2/2/5 A 192.139.46.66, A 198.199.88.104 (224)
+    7  09:21:03.973220 IP 192.168.1.11.33779 > 209.87.249.18.53: Flags [.], ack 227, win 64014, length 0
+    8  09:21:03.974844 IP 192.168.1.11.33779 > 209.87.249.18.53: Flags [F.], seq 59, ack 227, win 64014, length 0
+    9  09:21:03.975246 IP 209.87.249.18.53 > 192.168.1.11.33779: Flags [.], ack 60, win 64239, length 0
+   10  09:21:04.101184 IP 209.87.249.18.53 > 192.168.1.11.33779: Flags [FP.], seq 227, ack 60, win 64239, length 0
+   11  09:21:04.101256 IP 192.168.1.11.33779 > 209.87.249.18.53: Flags [.], ack 228, win 64014, length 0
diff --git a/tests/dns_tcp.pcap b/tests/dns_tcp.pcap
new file mode 100644
index 00000000..0137cdf0
--- /dev/null
+++ b/tests/dns_tcp.pcap
diff --git a/tests/dns_udp-v.out b/tests/dns_udp-v.out
new file mode 100644
index 00000000..3e716bb4
--- /dev/null
+++ b/tests/dns_udp-v.out
@@ -0,0 +1,4 @@
+    1  09:19:54.740079 IP (tos 0x0, ttl 64, id 22989, offset 0, flags [none], proto UDP (17), length 84)
+    192.168.1.11.43966 > 209.87.249.18.53: 22836+ [1au] A? www.tcpdump.org. (56)
+    2  09:19:54.870361 IP (tos 0x0, ttl 128, id 45, offset 0, flags [none], proto UDP (17), length 252)
+    209.87.249.18.53 > 192.168.1.11.43966: 22836*- 2/2/5 www.tcpdump.org. A 192.139.46.66, www.tcpdump.org. A 198.199.88.104 (224)
diff --git a/tests/dns_udp-vv.out b/tests/dns_udp-vv.out
new file mode 100644
index 00000000..4e27ca13
--- /dev/null
+++ b/tests/dns_udp-vv.out
@@ -0,0 +1,4 @@
+    1  09:19:54.740079 IP (tos 0x0, ttl 64, id 22989, offset 0, flags [none], proto UDP (17), length 84)
+    192.168.1.11.43966 > 209.87.249.18.53: [udp sum ok] 22836+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 [COOKIE 42f5d00996f90b13] (56)
+    2  09:19:54.870361 IP (tos 0x0, ttl 128, id 45, offset 0, flags [none], proto UDP (17), length 252)
+    209.87.249.18.53 > 192.168.1.11.43966: [udp sum ok] 22836*- q: A? www.tcpdump.org. 2/2/5 www.tcpdump.org. A 192.139.46.66, www.tcpdump.org. A 198.199.88.104 ns: tcpdump.org. NS sns.cooperix.net., tcpdump.org. NS nic.sandelman.ca. ar: nic.sandelman.ca. A 209.87.249.18, nic.sandelman.ca. AAAA 2607:f0b0:f::babe:f00d, sns.cooperix.net. A 97.107.133.15, sns.cooperix.net. AAAA 2600:3c03::f03c:91ff:fe96:e8ef, . OPT UDPsize=4096 (224)
diff --git a/tests/dns_udp-vvv.out b/tests/dns_udp-vvv.out
new file mode 100644
index 00000000..128c60c7
--- /dev/null
+++ b/tests/dns_udp-vvv.out
@@ -0,0 +1,4 @@
+    1  09:19:54.740079 IP (tos 0x0, ttl 64, id 22989, offset 0, flags [none], proto UDP (17), length 84)
+    192.168.1.11.43966 > 209.87.249.18.53: [udp sum ok] 22836+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 [COOKIE 42f5d00996f90b13] (56)
+    2  09:19:54.870361 IP (tos 0x0, ttl 128, id 45, offset 0, flags [none], proto UDP (17), length 252)
+    209.87.249.18.53 > 192.168.1.11.43966: [udp sum ok] 22836*- q: A? www.tcpdump.org. 2/2/5 www.tcpdump.org. [1m] A 192.139.46.66, www.tcpdump.org. [1m] A 198.199.88.104 ns: tcpdump.org. [1d] NS sns.cooperix.net., tcpdump.org. [1d] NS nic.sandelman.ca. ar: nic.sandelman.ca. [5m] A 209.87.249.18, nic.sandelman.ca. [5m] AAAA 2607:f0b0:f::babe:f00d, sns.cooperix.net. [2h] A 97.107.133.15, sns.cooperix.net. [2h] AAAA 2600:3c03::f03c:91ff:fe96:e8ef, . OPT UDPsize=4096 (224)
diff --git a/tests/dns_udp.out b/tests/dns_udp.out
new file mode 100644
index 00000000..31f6057a
--- /dev/null
+++ b/tests/dns_udp.out
@@ -0,0 +1,2 @@
+    1  09:19:54.740079 IP 192.168.1.11.43966 > 209.87.249.18.53: 22836+ [1au] A? www.tcpdump.org. (56)
+    2  09:19:54.870361 IP 209.87.249.18.53 > 192.168.1.11.43966: 22836*- 2/2/5 A 192.139.46.66, A 198.199.88.104 (224)
diff --git a/tests/dns_udp.pcap b/tests/dns_udp.pcap
new file mode 100644
index 00000000..1b2a5f52
--- /dev/null
+++ b/tests/dns_udp.pcap
author	Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>	2020-06-10 11:44:10 +0200
committer	Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>	2020-06-10 11:50:32 +0200
commit	403ae5774ba79909da85efebec754a2c82b24053 (patch)
tree	cdcbf9d5562bd9ef667cd8d369c28d0f72535345 /tests
parent	eaa6900996c0055969eb6f12ecb642d4579c07ed (diff)
download	tcpdump-403ae5774ba79909da85efebec754a2c82b24053.tar.gz