Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add DNS TKEY event

Browse source
This commit is contained in:
Evan Typanski 2024-08-13 15:27:25 -04:00
parent ec1088c3ef
commit 170276807b
9 changed files with 161 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

22
testing/btest/scripts/base/protocols/dns/tkey.zeek Normal file
View file

@ -0,0 +1,22 @@
# @TEST-EXEC: zeek -b -C -r $TRACES/dns/tkey.pcap %INPUT > output
# @TEST-EXEC: btest-diff dns.log
# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
# @TEST-EXEC: test ! -f weird.log
@load base/protocols/dns
redef dns_skip_all_addl = F;
event dns_TKEY(c: connection, msg: dns_msg, ans: dns_tkey)
{
print "TKEY";
print "query", ans$query;
print "qtype", ans$qtype;
print "alg_name", ans$alg_name;
print "inception", ans$inception;
print "expiration", ans$expiration;
print "mode", ans$mode;
print "rr_error", ans$rr_error;
print "key_data size", |ans$key_data|;
print "is_query", ans$is_query;
}