diff options
| author | Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> | 2020-03-02 16:04:35 +0100 |
|---|---|---|
| committer | Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> | 2020-03-02 20:53:23 +0100 |
| commit | 9736efeb962a7e9b4e2e4929b04a0e88a1f690a7 (patch) | |
| tree | 3f4490942a42ecb9b22dd1e8b9691addaa010a64 /tests | |
| parent | fc84133d47585731ffc2455390b40d8306818434 (diff) | |
| download | tcpdump-9736efeb962a7e9b4e2e4929b04a0e88a1f690a7.tar.gz | |
Add "domain" as an option for -T
This allows tcpdump to handle DNS running on non-standard ports.
Add two test files with DNS over TCP and DNS over UDP, port 8053.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/TESTLIST | 6 | ||||
| -rw-r--r-- | tests/dns_tcp_8053-T.out | 22 | ||||
| -rw-r--r-- | tests/dns_tcp_8053.out | 22 | ||||
| -rw-r--r-- | tests/dns_tcp_8053.pcap | bin | 0 -> 1106 bytes | |||
| -rw-r--r-- | tests/dns_udp_8053-T.out | 4 | ||||
| -rw-r--r-- | tests/dns_udp_8053.out | 4 | ||||
| -rw-r--r-- | tests/dns_udp_8053.pcap | bin | 0 -> 404 bytes |
7 files changed, 58 insertions, 0 deletions
diff --git a/tests/TESTLIST b/tests/TESTLIST index b39b376d..c12259bd 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST @@ -254,6 +254,12 @@ nflog-e nflog.pcap nflog-e.out -e # syslog test case syslog-v syslog_udp.pcap syslog-v.out -v +# DNS on non-standard ports. +dns_tcp_8053 dns_tcp_8053.pcap dns_tcp_8053.out -vv +dns_tcp_8053-T dns_tcp_8053.pcap dns_tcp_8053-T.out -vv -T domain +dns_udp_8053 dns_udp_8053.pcap dns_udp_8053.out -vv +dns_udp_8053-T dns_udp_8053.pcap dns_udp_8053-T.out -vv -T domain + # DNSSEC from https://bugzilla.redhat.com/show_bug.cgi?id=205842, -vv exposes EDNS DO dnssec-vv dnssec.pcap dnssec-vv.out -vv diff --git a/tests/dns_tcp_8053-T.out b/tests/dns_tcp_8053-T.out new file mode 100644 index 00000000..124b5cef --- /dev/null +++ b/tests/dns_tcp_8053-T.out @@ -0,0 +1,22 @@ + 1 15:44:09.947213 IP (tos 0x0, ttl 64, id 42696, offset 0, flags [DF], proto TCP (6), length 60) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [S], cksum 0xf4f0 (correct), seq 3802885148, win 64240, options [mss 1460,sackOK,TS val 2931281549 ecr 0,nop,wscale 7], length 0 + 2 15:44:10.091462 IP (tos 0x0, ttl 128, id 4486, offset 0, flags [none], proto TCP (6), length 44) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [S.], cksum 0x1923 (correct), seq 856651289, ack 3802885149, win 64240, options [mss 1460], length 0 + 3 15:44:10.091537 IP (tos 0x0, ttl 64, id 42697, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [.], cksum 0x30e0 (correct), seq 1, ack 1, win 64240, length 0 + 4 15:44:10.092032 IP (tos 0x0, ttl 64, id 42698, offset 0, flags [DF], proto TCP (6), length 98) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [P.], cksum 0x9724 (correct), seq 1:59, ack 1, win 64240, length 58 56178+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 (56) + 5 15:44:10.092267 IP (tos 0x0, ttl 128, id 4487, offset 0, flags [none], proto TCP (6), length 40) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [.], cksum 0x30a6 (correct), seq 1, ack 59, win 64240, length 0 + 6 15:44:10.236187 IP (tos 0x0, ttl 128, id 4488, offset 0, flags [none], proto TCP (6), length 250) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [P.], cksum 0x69e6 (correct), seq 1:211, ack 59, win 64240, length 210 56178*- q: A? www.tcpdump.org. 1/2/5 www.tcpdump.org. A 192.139.46.66 ns: tcpdump.org. NS nic.sandelman.ca., tcpdump.org. NS sns.cooperix.net. ar: nic.sandelman.ca. A 209.87.249.18, nic.sandelman.ca. AAAA 2607:f0b0:f::babe:f00d, sns.cooperix.net. A 97.107.133.15, sns.cooperix.net. AAAA 2600:3c03::f03c:91ff:fe96:e8ef, . OPT UDPsize=4096 (208) + 7 15:44:10.236250 IP (tos 0x0, ttl 64, id 42699, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [.], cksum 0x30a6 (correct), seq 59, ack 211, win 64030, length 0 + 8 15:44:10.237389 IP (tos 0x0, ttl 64, id 42700, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [F.], cksum 0x30a5 (correct), seq 59, ack 211, win 64030, length 0 + 9 15:44:10.237718 IP (tos 0x0, ttl 128, id 4489, offset 0, flags [none], proto TCP (6), length 40) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [.], cksum 0x2fd4 (correct), seq 211, ack 60, win 64239, length 0 + 10 15:44:10.381399 IP (tos 0x0, ttl 128, id 4490, offset 0, flags [none], proto TCP (6), length 40) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [FP.], cksum 0x2fcb (correct), seq 211, ack 60, win 64239, length 0 + 11 15:44:10.381475 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [.], cksum 0x30a4 (correct), seq 60, ack 212, win 64030, length 0 diff --git a/tests/dns_tcp_8053.out b/tests/dns_tcp_8053.out new file mode 100644 index 00000000..a5e8328c --- /dev/null +++ b/tests/dns_tcp_8053.out @@ -0,0 +1,22 @@ + 1 15:44:09.947213 IP (tos 0x0, ttl 64, id 42696, offset 0, flags [DF], proto TCP (6), length 60) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [S], cksum 0xf4f0 (correct), seq 3802885148, win 64240, options [mss 1460,sackOK,TS val 2931281549 ecr 0,nop,wscale 7], length 0 + 2 15:44:10.091462 IP (tos 0x0, ttl 128, id 4486, offset 0, flags [none], proto TCP (6), length 44) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [S.], cksum 0x1923 (correct), seq 856651289, ack 3802885149, win 64240, options [mss 1460], length 0 + 3 15:44:10.091537 IP (tos 0x0, ttl 64, id 42697, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [.], cksum 0x30e0 (correct), seq 1, ack 1, win 64240, length 0 + 4 15:44:10.092032 IP (tos 0x0, ttl 64, id 42698, offset 0, flags [DF], proto TCP (6), length 98) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [P.], cksum 0x9724 (correct), seq 1:59, ack 1, win 64240, length 58 + 5 15:44:10.092267 IP (tos 0x0, ttl 128, id 4487, offset 0, flags [none], proto TCP (6), length 40) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [.], cksum 0x30a6 (correct), seq 1, ack 59, win 64240, length 0 + 6 15:44:10.236187 IP (tos 0x0, ttl 128, id 4488, offset 0, flags [none], proto TCP (6), length 250) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [P.], cksum 0x69e6 (correct), seq 1:211, ack 59, win 64240, length 210 + 7 15:44:10.236250 IP (tos 0x0, ttl 64, id 42699, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [.], cksum 0x30a6 (correct), seq 59, ack 211, win 64030, length 0 + 8 15:44:10.237389 IP (tos 0x0, ttl 64, id 42700, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [F.], cksum 0x30a5 (correct), seq 59, ack 211, win 64030, length 0 + 9 15:44:10.237718 IP (tos 0x0, ttl 128, id 4489, offset 0, flags [none], proto TCP (6), length 40) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [.], cksum 0x2fd4 (correct), seq 211, ack 60, win 64239, length 0 + 10 15:44:10.381399 IP (tos 0x0, ttl 128, id 4490, offset 0, flags [none], proto TCP (6), length 40) + 209.87.249.18.8053 > 192.168.1.11.57469: Flags [FP.], cksum 0x2fcb (correct), seq 211, ack 60, win 64239, length 0 + 11 15:44:10.381475 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) + 192.168.1.11.57469 > 209.87.249.18.8053: Flags [.], cksum 0x30a4 (correct), seq 60, ack 212, win 64030, length 0 diff --git a/tests/dns_tcp_8053.pcap b/tests/dns_tcp_8053.pcap Binary files differnew file mode 100644 index 00000000..f924df68 --- /dev/null +++ b/tests/dns_tcp_8053.pcap diff --git a/tests/dns_udp_8053-T.out b/tests/dns_udp_8053-T.out new file mode 100644 index 00000000..423460f0 --- /dev/null +++ b/tests/dns_udp_8053-T.out @@ -0,0 +1,4 @@ + 1 15:42:50.464436 IP (tos 0x0, ttl 64, id 38190, offset 0, flags [none], proto UDP (17), length 84) + 192.168.1.11.43757 > 209.87.249.18.8053: 323+ [1au] A? www.tcpdump.org. ar: . OPT UDPsize=4096 (56) + 2 15:42:50.613154 IP (tos 0x0, ttl 128, id 4483, offset 0, flags [none], proto UDP (17), length 236) + 209.87.249.18.8053 > 192.168.1.11.43757: 323*- q: A? www.tcpdump.org. 1/2/5 www.tcpdump.org. A 192.139.46.66 ns: tcpdump.org. NS sns.cooperix.net., tcpdump.org. NS nic.sandelman.ca. ar: nic.sandelman.ca. A 209.87.249.18, nic.sandelman.ca. AAAA 2607:f0b0:f::babe:f00d, sns.cooperix.net. A 97.107.133.15, sns.cooperix.net. AAAA 2600:3c03::f03c:91ff:fe96:e8ef, . OPT UDPsize=4096 (208) diff --git a/tests/dns_udp_8053.out b/tests/dns_udp_8053.out new file mode 100644 index 00000000..8019e066 --- /dev/null +++ b/tests/dns_udp_8053.out @@ -0,0 +1,4 @@ + 1 15:42:50.464436 IP (tos 0x0, ttl 64, id 38190, offset 0, flags [none], proto UDP (17), length 84) + 192.168.1.11.43757 > 209.87.249.18.8053: [udp sum ok] UDP, length 56 + 2 15:42:50.613154 IP (tos 0x0, ttl 128, id 4483, offset 0, flags [none], proto UDP (17), length 236) + 209.87.249.18.8053 > 192.168.1.11.43757: [udp sum ok] UDP, length 208 diff --git a/tests/dns_udp_8053.pcap b/tests/dns_udp_8053.pcap Binary files differnew file mode 100644 index 00000000..c2f8a638 --- /dev/null +++ b/tests/dns_udp_8053.pcap |