suricata
app-layer-dns-common.h File Reference
#include "app-layer-protos.h"
#include "app-layer-parser.h"
Include dependency graph for app-layer-dns-common.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  DNSHeader_
 DNS packet header. More...
 

Macros

#define DNS_MAX_SIZE   256
 
#define DNS_RECORD_TYPE_A   1
 
#define DNS_RECORD_TYPE_NS   2
 
#define DNS_RECORD_TYPE_MD   3
 
#define DNS_RECORD_TYPE_MF   4
 
#define DNS_RECORD_TYPE_CNAME   5
 
#define DNS_RECORD_TYPE_SOA   6
 
#define DNS_RECORD_TYPE_MB   7
 
#define DNS_RECORD_TYPE_MG   8
 
#define DNS_RECORD_TYPE_MR   9
 
#define DNS_RECORD_TYPE_NULL   10
 
#define DNS_RECORD_TYPE_WKS   11
 
#define DNS_RECORD_TYPE_PTR   12
 
#define DNS_RECORD_TYPE_HINFO   13
 
#define DNS_RECORD_TYPE_MINFO   14
 
#define DNS_RECORD_TYPE_MX   15
 
#define DNS_RECORD_TYPE_TXT   16
 
#define DNS_RECORD_TYPE_RP   17
 
#define DNS_RECORD_TYPE_AFSDB   18
 
#define DNS_RECORD_TYPE_X25   19
 
#define DNS_RECORD_TYPE_ISDN   20
 
#define DNS_RECORD_TYPE_RT   21
 
#define DNS_RECORD_TYPE_NSAP   22
 
#define DNS_RECORD_TYPE_NSAPPTR   23
 
#define DNS_RECORD_TYPE_SIG   24
 
#define DNS_RECORD_TYPE_KEY   25
 
#define DNS_RECORD_TYPE_PX   26
 
#define DNS_RECORD_TYPE_GPOS   27
 
#define DNS_RECORD_TYPE_AAAA   28
 
#define DNS_RECORD_TYPE_LOC   29
 
#define DNS_RECORD_TYPE_NXT   30
 
#define DNS_RECORD_TYPE_SRV   33
 
#define DNS_RECORD_TYPE_ATMA   34
 
#define DNS_RECORD_TYPE_NAPTR   35
 
#define DNS_RECORD_TYPE_KX   36
 
#define DNS_RECORD_TYPE_CERT   37
 
#define DNS_RECORD_TYPE_A6   38
 
#define DNS_RECORD_TYPE_DNAME   39
 
#define DNS_RECORD_TYPE_OPT   41
 
#define DNS_RECORD_TYPE_APL   42
 
#define DNS_RECORD_TYPE_DS   43
 
#define DNS_RECORD_TYPE_SSHFP   44
 
#define DNS_RECORD_TYPE_IPSECKEY   45
 
#define DNS_RECORD_TYPE_RRSIG   46
 
#define DNS_RECORD_TYPE_NSEC   47
 
#define DNS_RECORD_TYPE_DNSKEY   48
 
#define DNS_RECORD_TYPE_DHCID   49
 
#define DNS_RECORD_TYPE_NSEC3   50
 
#define DNS_RECORD_TYPE_NSEC3PARAM   51
 
#define DNS_RECORD_TYPE_TLSA   52
 
#define DNS_RECORD_TYPE_HIP   55
 
#define DNS_RECORD_TYPE_CDS   59
 
#define DNS_RECORD_TYPE_CDNSKEY   60
 
#define DNS_RECORD_TYPE_SPF   99
 
#define DNS_RECORD_TYPE_TKEY   249
 
#define DNS_RECORD_TYPE_TSIG   250
 
#define DNS_RECORD_TYPE_MAILA   254
 
#define DNS_RECORD_TYPE_ANY   255
 
#define DNS_RECORD_TYPE_URI   256
 
#define DNS_RCODE_NOERROR   0
 
#define DNS_RCODE_FORMERR   1
 
#define DNS_RCODE_SERVFAIL   2
 
#define DNS_RCODE_NXDOMAIN   3
 
#define DNS_RCODE_NOTIMP   4
 
#define DNS_RCODE_REFUSED   5
 
#define DNS_RCODE_YXDOMAIN   6
 
#define DNS_RCODE_YXRRSET   7
 
#define DNS_RCODE_NXRRSET   8
 
#define DNS_RCODE_NOTAUTH   9
 
#define DNS_RCODE_NOTZONE   10
 
#define DNS_RCODE_BADVERS   16
 
#define DNS_RCODE_BADSIG   16
 
#define DNS_RCODE_BADKEY   17
 
#define DNS_RCODE_BADTIME   18
 
#define DNS_RCODE_BADMODE   19
 
#define DNS_RCODE_BADNAME   20
 
#define DNS_RCODE_BADALG   21
 
#define DNS_RCODE_BADTRUNC   22
 

Typedefs

typedef struct RSDNSState_ RSDNSState
 
typedef struct RSDNSTransaction_ RSDNSTransaction
 

Enumerations

enum  {
  DNS_DECODER_EVENT_UNSOLLICITED_RESPONSE, DNS_DECODER_EVENT_MALFORMED_DATA, DNS_DECODER_EVENT_NOT_A_REQUEST, DNS_DECODER_EVENT_NOT_A_RESPONSE,
  DNS_DECODER_EVENT_Z_FLAG_SET, DNS_DECODER_EVENT_FLOODED, DNS_DECODER_EVENT_STATE_MEMCAP_REACHED
}
 

Functions

struct DNSHeader_ __attribute__ ((__packed__)) DNSHeader
 DNS packet header. More...
 
int DNSStateGetEventInfo (const char *event_name, int *event_id, AppLayerEventType *event_type)
 
int DNSStateGetEventInfoById (int event_id, const char **event_name, AppLayerEventType *event_type)
 
void DNSAppLayerRegisterGetEventInfo (uint8_t ipproto, AppProto alproto)
 
void DNSAppLayerRegisterGetEventInfoById (uint8_t ipproto, AppProto alproto)
 
void DNSCreateTypeString (uint16_t type, char *str, size_t str_size)
 
void DNSCreateRcodeString (uint8_t rcode, char *str, size_t str_size)
 

Variables

uint16_t tx_id
 
uint16_t flags
 
uint16_t questions
 
uint16_t answer_rr
 
uint16_t authority_rr
 
uint16_t additional_rr
 

Detailed Description

Macro Definition Documentation

#define DNS_MAX_SIZE   256

Definition at line 30 of file app-layer-dns-common.h.

#define DNS_RCODE_BADALG   21

Definition at line 110 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_BADKEY   17

Definition at line 106 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_BADMODE   19

Definition at line 108 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_BADNAME   20

Definition at line 109 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_BADSIG   16

Definition at line 105 of file app-layer-dns-common.h.

#define DNS_RCODE_BADTIME   18

Definition at line 107 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_BADTRUNC   22

Definition at line 111 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_BADVERS   16

Definition at line 104 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_FORMERR   1

Definition at line 92 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_NOERROR   0

Definition at line 91 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_NOTAUTH   9

Definition at line 100 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_NOTIMP   4

Definition at line 95 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_NOTZONE   10

Definition at line 101 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_NXDOMAIN   3

Definition at line 94 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_NXRRSET   8

Definition at line 99 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_REFUSED   5

Definition at line 96 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_SERVFAIL   2

Definition at line 93 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_YXDOMAIN   6

Definition at line 97 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RCODE_YXRRSET   7

Definition at line 98 of file app-layer-dns-common.h.

Referenced by DNSCreateRcodeString().

#define DNS_RECORD_TYPE_A   1

Definition at line 32 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_A6   38

Definition at line 67 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_AAAA   28

Definition at line 59 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_AFSDB   18

Definition at line 49 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_ANY   255

Definition at line 88 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_APL   42

Definition at line 70 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_ATMA   34

Definition at line 63 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_CDNSKEY   60

Definition at line 83 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_CDS   59

Definition at line 82 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_CERT   37

Definition at line 66 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_CNAME   5

Definition at line 36 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_DHCID   49

Definition at line 77 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_DNAME   39

Definition at line 68 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_DNSKEY   48

Definition at line 76 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_DS   43

Definition at line 71 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_GPOS   27

Definition at line 58 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_HINFO   13

Definition at line 44 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_HIP   55

Definition at line 81 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_IPSECKEY   45

Definition at line 73 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_ISDN   20

Definition at line 51 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_KEY   25

Definition at line 56 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_KX   36

Definition at line 65 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_LOC   29

Definition at line 60 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MAILA   254

Definition at line 87 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MB   7

Definition at line 38 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MD   3

Definition at line 34 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MF   4

Definition at line 35 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MG   8

Definition at line 39 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MINFO   14

Definition at line 45 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MR   9

Definition at line 40 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_MX   15

Definition at line 46 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NAPTR   35

Definition at line 64 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NS   2

Definition at line 33 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NSAP   22

Definition at line 53 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NSAPPTR   23

Definition at line 54 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NSEC   47

Definition at line 75 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NSEC3   50

Definition at line 78 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NSEC3PARAM   51

Definition at line 79 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NULL   10

Definition at line 41 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_NXT   30

Definition at line 61 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_OPT   41

Definition at line 69 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_PTR   12

Definition at line 43 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_PX   26

Definition at line 57 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_RP   17

Definition at line 48 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_RRSIG   46

Definition at line 74 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_RT   21

Definition at line 52 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_SIG   24

Definition at line 55 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_SOA   6

Definition at line 37 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_SPF   99

Definition at line 84 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_SRV   33

Definition at line 62 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_SSHFP   44

Definition at line 72 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_TKEY   249

Definition at line 85 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_TLSA   52

Definition at line 80 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_TSIG   250

Definition at line 86 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_TXT   16

Definition at line 47 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_URI   256

Definition at line 89 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_WKS   11

Definition at line 42 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

#define DNS_RECORD_TYPE_X25   19

Definition at line 50 of file app-layer-dns-common.h.

Referenced by DNSCreateTypeString().

Typedef Documentation

typedef struct RSDNSState_ RSDNSState

Opaque Rust types.

Definition at line 124 of file app-layer-dns-common.h.

typedef struct RSDNSTransaction_ RSDNSTransaction

Definition at line 125 of file app-layer-dns-common.h.

Enumeration Type Documentation

anonymous enum
Enumerator
DNS_DECODER_EVENT_UNSOLLICITED_RESPONSE 
DNS_DECODER_EVENT_MALFORMED_DATA 
DNS_DECODER_EVENT_NOT_A_REQUEST 
DNS_DECODER_EVENT_NOT_A_RESPONSE 
DNS_DECODER_EVENT_Z_FLAG_SET 
DNS_DECODER_EVENT_FLOODED 
DNS_DECODER_EVENT_STATE_MEMCAP_REACHED 

Definition at line 113 of file app-layer-dns-common.h.

Function Documentation

struct DNSHeader_ __attribute__ ( (__packed__)  )

DNS packet header.

DNS packet header.

Unified2 Extra Data Header Unified2 Extra Data (currently used only for XFF)

DNS packet header.

DNP3 internal indicators.

DNP3 application header.

Part of the application header for responses only.

Unified2 Extra Data Header Unified2 Extra Data (currently used only for XFF)

Definition at line 92 of file alert-unified2-alert.c.

void DNSAppLayerRegisterGetEventInfo ( uint8_t  ipproto,
AppProto  alproto 
)

Definition at line 71 of file app-layer-dns-common.c.

References AppLayerParserRegisterGetEventInfo(), and DNSStateGetEventInfo().

Referenced by RegisterDNSTCPParsers(), and RegisterDNSUDPParsers().

Here is the call graph for this function:

Here is the caller graph for this function:

void DNSAppLayerRegisterGetEventInfoById ( uint8_t  ipproto,
AppProto  alproto 
)

Definition at line 78 of file app-layer-dns-common.c.

References AppLayerParserRegisterGetEventInfoById(), and DNSStateGetEventInfoById().

Referenced by RegisterDNSTCPParsers(), and RegisterDNSUDPParsers().

Here is the call graph for this function:

Here is the caller graph for this function:

int DNSStateGetEventInfo ( const char *  event_name,
int *  event_id,
AppLayerEventType event_type 
)

Definition at line 39 of file app-layer-dns-common.c.

References APP_LAYER_EVENT_TYPE_TRANSACTION, SC_ERR_INVALID_ENUM_MAP, SCLogError, and SCMapEnumNameToValue().

Referenced by DNSAppLayerRegisterGetEventInfo().

Here is the call graph for this function:

Here is the caller graph for this function:

int DNSStateGetEventInfoById ( int  event_id,
const char **  event_name,
AppLayerEventType event_type 
)

Definition at line 55 of file app-layer-dns-common.c.

References APP_LAYER_EVENT_TYPE_TRANSACTION, SC_ERR_INVALID_ENUM_MAP, SCLogError, and SCMapEnumValueToName().

Referenced by DNSAppLayerRegisterGetEventInfoById().

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

uint16_t additional_rr

Definition at line 273 of file app-layer-dns-common.h.

uint16_t answer_rr

Definition at line 271 of file app-layer-dns-common.h.

uint16_t authority_rr

Definition at line 272 of file app-layer-dns-common.h.

uint16_t flags

Definition at line 269 of file app-layer-dns-common.h.

Referenced by AppLayerHtpNeedFileInspection(), AppLayerIncTxCounter(), AppLayerParserGetTxDetectFlags(), AppLayerParserRegisterOptionFlags(), AppLayerParserStreamTruncated(), DCERPCParser(), DetectAppLayerEventRegister(), DetectAsn1Register(), DetectDceIfaceRegister(), DetectDceOpnumRegister(), DetectDNP3Register(), DetectEngineContentInspection(), DetectFileextRegister(), DetectFilemagicRegister(), DetectFilenameRegister(), DetectFilesizeRegister(), DetectFilestoreRegister(), DetectFlagsRegister(), DetectFlagsSignatureNeedsSynOnlyPackets(), DetectFtpbounceRegister(), DetectFtpdataRegister(), DetectGeoipRegister(), DetectHttpClientBodyRegister(), DetectKrb5ErrCodeRegister(), DetectKrb5MsgTypeRegister(), DetectLuaRegister(), DetectNfsProcedureRegister(), DetectNfsVersionRegister(), DetectSignatureApplyActions(), DetectSNMPPduTypeRegister(), DetectSNMPVersionRegister(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectTemplateRustBufferRegister(), DetectTlsCertsRegister(), DetectTlsRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), FileFlowToFlags(), FileSetRange(), FlowGetDisruptionFlags(), GetIfaceMaxPacketSize(), HtpConfigRestoreBackup(), HTPFileOpen(), HTPFreeConfig(), MimeDecFindField(), MpmAddPattern(), MpmAddPatternCI(), OutputRegisterFiledataLogger(), PacketAlertAppend(), PatternStrength(), SCHTPGenerateNormalizedUri(), SCProfilingDumpPacketStats(), SCProfilingPrintPacketProfile(), SigMatchStrictEnabled(), SMTPProcessDataChunk(), SMTPStateAlloc(), SSLSetEvent(), SSLVersionToString(), TagTimeoutCheck(), TmModuleDecodeNetmapRegister(), TmThreadSpawn(), and Unified2AlertInitCtx().

uint16_t questions

Definition at line 270 of file app-layer-dns-common.h.