Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/policy/protocols/dns
History
Jon Siwek 00a4865885 Merge branch 'dns-original-query-case' of https://github.com/rvictory/zeek 
Changes during merge
- Changed the policy script to use an event handler that behaves
  for like the base script: &priority=5, msg$opcode != early-out,
  no record field existence checks
- Also extended dns_query_reply event with original_query param
- Removed ExtractName overload, and just use default param

* 'dns-original-query-case' of https://github.com/rvictory/zeek:
  Fixed some places where tabs became spaces
  Stricter checking if we have a dns field on the connection being processed
  Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.
2020-06-26 00:07:02 -07:00
..
auth-addl.zeek Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
detect-external-names.zeek GH-234: rename Broxygen to Zeexygen along with roles/directives 2019-04-22 19:45:50 -07:00
log-original-query-case.zeek Merge branch 'dns-original-query-case' of https://github.com/rvictory/zeek 2020-06-26 00:07:02 -07:00