Add support for EDNS and DNSSEC #803
Conversation
|
Jenkins standing by to test this. If you aren't a maintainer, you can ignore this comment. Someone with commit access, please review this and clear it for Jenkins to run; then say 'jenkins, test it'. |
| data = rr.IP.String() | ||
| case layers.DNSTypeSOA: | ||
| // We don't have special handling for this type | ||
| logp.Debug("dns", "Unsupported RR type %s", dnsTypeToString(rrType)) |
There was a problem hiding this comment.
Should the default case set data = x.Rdata? I'm assuming Rdata is raw data.
There was a problem hiding this comment.
Yes. At first I thought that couldn't be achieved ... because only type RFC3597 has the Rdata field, other types having the fields according to their format.
But a method ToRFC3597 helps fetch this field from any RR type.
With some lines of code (e.g. here), the Rdata is fetched. I'm not sure a simpler solution exists though.
|
@McStork, the changes look really solid to me. Thanks A few things...
|
|
@elastic/beats Should the glide.yaml contain the commit hash of github.com/miekg/dns? I think we should include the commit hash so we don't have to guess at what point we took the library, but I don't really know all the details of glide. |
|
@andrewkroh Generating fields.asciidoc showed that two fields from ICMP (icmp.request.message, icmp.response.message) are missing from the doc. This affects v1.1 btw. Should a ticket be open? |
|
Regarding the fields.asciidoc on 1.1. We updated it - #821. Thanks for pointing it out. |
Library change from gopacket to miekg/dns: * Modify payload objects and attributes used throughout the dns package * FQDNs now terminate with a dot as any absolute domain name should [RFC1035](https://tools.ietf.org/html/rfc1035) * Update glide with the miekg/dns library Also: * Do a minor cleaning in the function that decodes DNS over TCP * Move DnsMessage struct from dns_tcp.go to dns.go * Change the flag 'recursion_allowed' to 'recursion_available' [DNS Header Flags](http://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-12)
* Fetch Rdata for yet unhandled and true unknowns RR types * Re-generate the docs/fields.asciidoc * Update CHANGELOG * Add commit hash of lib miekg/dns to glide.yaml Also * Change the SOA field that was named 'ttl' to 'minimum' [RFC 1035](https://www.ietf.org/rfc/rfc1035.txt)
|
LGTM so I am going to merge it now and additional changes can be done is new PR. Thanks |
Change decode library to miekg/dns
|
@andrewkroh Ok! Let's do it this way then. |
Library change from gopacket to miekg/dns
Also
TODO list