app-layer-dns-common_8h_source.html

 /* Copyright (C) 2013 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
  * Software Foundation.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * version 2 along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  * 02110-1301, USA.
  */

 /**
  * \file
  *
  * \author Victor Julien <victor@inliniac.net>
  */

 #ifndef __APP_LAYER_DNS_COMMON_H__
 #define __APP_LAYER_DNS_COMMON_H__

 #include "app-layer-protos.h"
 #include "app-layer-parser.h"

 #define DNS_MAX_SIZE 256

 #define DNS_RECORD_TYPE_A           1
 #define DNS_RECORD_TYPE_NS          2
 #define DNS_RECORD_TYPE_MD          3   // Obsolete
 #define DNS_RECORD_TYPE_MF          4   // Obsolete
 #define DNS_RECORD_TYPE_CNAME       5
 #define DNS_RECORD_TYPE_SOA         6
 #define DNS_RECORD_TYPE_MB          7   // Experimental
 #define DNS_RECORD_TYPE_MG          8   // Experimental
 #define DNS_RECORD_TYPE_MR          9   // Experimental
 #define DNS_RECORD_TYPE_NULL        10  // Experimental
 #define DNS_RECORD_TYPE_WKS         11
 #define DNS_RECORD_TYPE_PTR         12
 #define DNS_RECORD_TYPE_HINFO       13
 #define DNS_RECORD_TYPE_MINFO       14
 #define DNS_RECORD_TYPE_MX          15
 #define DNS_RECORD_TYPE_TXT         16
 #define DNS_RECORD_TYPE_RP          17
 #define DNS_RECORD_TYPE_AFSDB       18
 #define DNS_RECORD_TYPE_X25         19
 #define DNS_RECORD_TYPE_ISDN        20
 #define DNS_RECORD_TYPE_RT          21
 #define DNS_RECORD_TYPE_NSAP        22
 #define DNS_RECORD_TYPE_NSAPPTR     23
 #define DNS_RECORD_TYPE_SIG         24
 #define DNS_RECORD_TYPE_KEY         25
 #define DNS_RECORD_TYPE_PX          26
 #define DNS_RECORD_TYPE_GPOS        27
 #define DNS_RECORD_TYPE_AAAA        28
 #define DNS_RECORD_TYPE_LOC         29
 #define DNS_RECORD_TYPE_NXT         30  // Obosolete
 #define DNS_RECORD_TYPE_SRV         33
 #define DNS_RECORD_TYPE_ATMA        34
 #define DNS_RECORD_TYPE_NAPTR       35
 #define DNS_RECORD_TYPE_KX          36
 #define DNS_RECORD_TYPE_CERT        37
 #define DNS_RECORD_TYPE_A6          38  // Obsolete
 #define DNS_RECORD_TYPE_DNAME       39
 #define DNS_RECORD_TYPE_OPT         41
 #define DNS_RECORD_TYPE_APL         42
 #define DNS_RECORD_TYPE_DS          43
 #define DNS_RECORD_TYPE_SSHFP       44
 #define DNS_RECORD_TYPE_IPSECKEY    45
 #define DNS_RECORD_TYPE_RRSIG       46
 #define DNS_RECORD_TYPE_NSEC        47
 #define DNS_RECORD_TYPE_DNSKEY      48
 #define DNS_RECORD_TYPE_DHCID       49
 #define DNS_RECORD_TYPE_NSEC3       50
 #define DNS_RECORD_TYPE_NSEC3PARAM  51
 #define DNS_RECORD_TYPE_TLSA        52
 #define DNS_RECORD_TYPE_HIP         55
 #define DNS_RECORD_TYPE_CDS         59
 #define DNS_RECORD_TYPE_CDNSKEY     60
 #define DNS_RECORD_TYPE_SPF         99  // Obsolete
 #define DNS_RECORD_TYPE_TKEY        249
 #define DNS_RECORD_TYPE_TSIG        250
 #define DNS_RECORD_TYPE_MAILA       254 // Obsolete
 #define DNS_RECORD_TYPE_ANY         255
 #define DNS_RECORD_TYPE_URI         256

 #define DNS_RCODE_NOERROR       0
 #define DNS_RCODE_FORMERR       1
 #define DNS_RCODE_SERVFAIL      2
 #define DNS_RCODE_NXDOMAIN      3
 #define DNS_RCODE_NOTIMP        4
 #define DNS_RCODE_REFUSED       5
 #define DNS_RCODE_YXDOMAIN      6
 #define DNS_RCODE_YXRRSET       7
 #define DNS_RCODE_NXRRSET       8
 #define DNS_RCODE_NOTAUTH       9
 #define DNS_RCODE_NOTZONE       10
 // Support for OPT RR from RFC6891 will be needed to
 // parse RCODE values over 15
 #define DNS_RCODE_BADVERS       16
 #define DNS_RCODE_BADSIG        16
 #define DNS_RCODE_BADKEY        17
 #define DNS_RCODE_BADTIME       18
 #define DNS_RCODE_BADMODE       19
 #define DNS_RCODE_BADNAME       20
 #define DNS_RCODE_BADALG        21
 #define DNS_RCODE_BADTRUNC      22

 enum {
     DNS_DECODER_EVENT_UNSOLLICITED_RESPONSE,
     DNS_DECODER_EVENT_MALFORMED_DATA,
     DNS_DECODER_EVENT_NOT_A_REQUEST,
     DNS_DECODER_EVENT_NOT_A_RESPONSE,
     DNS_DECODER_EVENT_Z_FLAG_SET,
     DNS_DECODER_EVENT_FLOODED,
     DNS_DECODER_EVENT_STATE_MEMCAP_REACHED,
 };

 /** Opaque Rust types. */
 typedef struct RSDNSState_ RSDNSState;
 typedef struct RSDNSTransaction_ RSDNSTransaction;

 /** \brief DNS packet header */
 typedef struct DNSHeader_ {
     uint16_t tx_id;
     uint16_t flags;
     uint16_t questions;
     uint16_t answer_rr;
     uint16_t authority_rr;
     uint16_t additional_rr;
 } __attribute__((__packed__)) DNSHeader;

 int DNSStateGetEventInfo(const char *event_name,
                          int *event_id, AppLayerEventType *event_type);
 void DNSAppLayerRegisterGetEventInfo(uint8_t ipproto, AppProto alproto);

 void DNSCreateTypeString(uint16_t type, char *str, size_t str_size);
 void DNSCreateRcodeString(uint8_t rcode, char *str, size_t str_size);

 #endif /* __APP_LAYER_DNS_COMMON_H__ */
DNSHeader_::tx_id
uint16_t tx_id
Definition: app-layer-dns-common.h:129

DNS_DECODER_EVENT_NOT_A_RESPONSE
Definition: app-layer-dns-common.h:117

AppLayerEventType
enum AppLayerEventType_ AppLayerEventType

DNS_DECODER_EVENT_Z_FLAG_SET
Definition: app-layer-dns-common.h:118

event_type
uint32_t event_type
Definition: alert-unified2-alert.c:84

AppProto
uint16_t AppProto
Definition: app-layer-protos.h:68

DNS_DECODER_EVENT_FLOODED
Definition: app-layer-dns-common.h:119

str
#define str(s)
Definition: suricata-common.h:258

DNS_DECODER_EVENT_STATE_MEMCAP_REACHED
Definition: app-layer-dns-common.h:120

DNS_DECODER_EVENT_NOT_A_REQUEST
Definition: app-layer-dns-common.h:116

DNSHeader_::answer_rr
uint16_t answer_rr
Definition: app-layer-dns-common.h:132

type
uint8_t type
Definition: decode-icmpv4.h:800

__attribute__
struct DNSHeader_ __attribute__((__packed__)) DNSHeader
DNS packet header.
Definition: alert-unified2-alert.c:92

app-layer-protos.h

DNSHeader_::additional_rr
uint16_t additional_rr
Definition: app-layer-dns-common.h:134

DNSAppLayerRegisterGetEventInfo
void DNSAppLayerRegisterGetEventInfo(uint8_t ipproto, AppProto alproto)
Definition: app-layer-dns-common.c:55

DNS_DECODER_EVENT_UNSOLLICITED_RESPONSE
Definition: app-layer-dns-common.h:114

DNSHeader_::authority_rr
uint16_t authority_rr
Definition: app-layer-dns-common.h:133

DNSCreateTypeString
void DNSCreateTypeString(uint16_t type, char *str, size_t str_size)
Definition: app-layer-dns-common.c:62

DNSHeader_
DNS packet header.
Definition: app-layer-dns-common.h:128

RSDNSState
struct RSDNSState_ RSDNSState
Definition: app-layer-dns-common.h:124

DNSStateGetEventInfo
int DNSStateGetEventInfo(const char *event_name, int *event_id, AppLayerEventType *event_type)
Definition: app-layer-dns-common.c:39

RSDNSTransaction
struct RSDNSTransaction_ RSDNSTransaction
Definition: app-layer-dns-common.h:125

DNSCreateRcodeString
void DNSCreateRcodeString(uint8_t rcode, char *str, size_t str_size)
Definition: app-layer-dns-common.c:244

DNSHeader_::flags
uint16_t flags
Definition: app-layer-dns-common.h:130

app-layer-parser.h

DNS_DECODER_EVENT_MALFORMED_DATA
Definition: app-layer-dns-common.h:115

DNSHeader_::questions
uint16_t questions
Definition: app-layer-dns-common.h:131