dnscap
Network capture utility designed specifically for DNS traffic
As far as I can tell, current anonymization plugins do not anonymise ECS metadata in the EDNS payload. This poses a problem when anonymizing data from public resolvers (where ECS is more...
Modern versions of SSL libraries support TLS session key logging via the environment variable `SSLKEYLOGFILE`. This opens the possibility to decipher TLS traffic in dnscap and to log DNS traffic from "inside"...
Hi Happy developers at DNS-OARC ;-), A small question, is there a specific reason why a simple JSON stream export is not in dnscap? We did some work on CBOR...
```
dnscap: tcp pkt: 1525349647.139778 [ 2] 172.17.0.10 -> 8.8.8.8; want=d80b905c; seq=d80b905c; diff=00000000; lastdns=00000000; len output: capturedbytes=682, proto=6, isfrag=no, isdns=no, olen=54, payloadlen=0 [54] 2018-05-03 12:14:07.139778 [#10 eth0 4095] \ [172.17.0.10].47414...
```
Since `seqdiff` is based on the starting seq and never updated, it can overrun the 32-bit range.
As #128 fixed handling of padded packets, display information about padded packets and padding data when using `-g`
Uses a function only static buffer.
Not handling alarm signal correctly if sent from outside.
Received report about performance dropping to 10-20% due to high amount of TCP, maybe offload TCP handling to a different thread?