Re: [tcpdump-workers] Support for "-T domain"
Noah wrote: > I've written a small patch against HEAD which adds support for decoding > DNS traffic on nonstandard ports; useful for those of us who run DNS > serves behind VIPs, for instance. I haven't written any tests as yet, > however there aren't any DNS tests set up yet anyway. Happy to write > some if that would speed the inclusion of the update. I've committed > the patch to my fork of tcpdump on github, run tests, etc. How should > I proceed from here, just issue the pull request? Yes, but we'll want to see some tests. That we haven't any tests shouldn't stop you: tcpdump -w some packets that you don't mind sharing, on both port 53 and a not port 53. Add a list to tests/TESTLIST, without the -T domain, and you should of course, not see the non-port-53 decoded, and a line *with* -T domain, and you should see the not-port-53 packets decoded. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Support for "-T domain"
No problem; would such a patch be eligible for backport to 4.7? Regards, Noah > On Dec 3, 2015, at 8:59 AM, Michael Richardson wrote: > > > Noah wrote: >> I've written a small patch against HEAD which adds support for decoding >> DNS traffic on nonstandard ports; useful for those of us who run DNS >> serves behind VIPs, for instance. I haven't written any tests as yet, >> however there aren't any DNS tests set up yet anyway. Happy to write >> some if that would speed the inclusion of the update. I've committed >> the patch to my fork of tcpdump on github, run tests, etc. How should >> I proceed from here, just issue the pull request? > > Yes, but we'll want to see some tests. > That we haven't any tests shouldn't stop you: tcpdump -w some packets that > you don't mind sharing, on both port 53 and a not port 53. Add a list to > tests/TESTLIST, without the -T domain, and you should of course, not see the > non-port-53 decoded, and a line *with* -T domain, and you should see > the not-port-53 packets decoded. > > -- > ] Never tell me the odds! | ipv6 mesh networks [ > ] Michael Richardson, Sandelman Software Works| network architect [ > ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails > [ > ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] Support for "-T domain"
Noah wrote: > No problem; would such a patch be eligible for backport to 4.7? We were about to do 4.8... but it got delayed to accomodate some fixes. If you are installing from source code, would 4.8 work? If it's about getting it into a distro, they don't like new features as bug-fixes :-) -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
