script/tinydns
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial import

Browse Source
This commit is contained in:
Christoph
2017-02-21 02:35:57 +01:00
commit d06a79e353
16 changed files with 2117 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
dnscache-log Executable file
View File

@@ -0,0 +1,119 @@
#!/usr/bin/perl -p
# usage: tail -f /service/dnscache/log/main/current | tai64nlocal | dnscache-log
# use tail -F instead of tail -f if your tail supports it (linux, freebsd, etc)
$| = 1;
# strip off the year and the extra tai64 stuff.
#s/^\d{4}-(\d\d-\d\d) (\d\d:\d\d:\d\d).(\d*)/$1 $2/;
## - changed by ckubu (strip off only tai64 stuff
s/^(\d{4}-\d\d-\d\d) (\d\d:\d\d:\d\d).(\d*)/$1 $2/;
# convert addresses in hex to dotted decimal notation.
# ugly fix (fn 2003 01 06)
if (!m/ stats \d+ \d+ \d+ \d+/) {
s/\b([a-f0-9]{8})\b/join(".", unpack("C*", pack("H8", $1)))/eg;
## - added by ckubu (ipv6-logfile, but only print ipv4 address))
s/[a-f0-9]{24}([a-f0-9]{8})/join(".", unpack("C*", pack("H8", $1)))/eg;
}
# strip out length from sent messages.
# sent slot-id length
s/sent (\d+) \d+/sent $1/;
### clean up some messages
# tx gluelessness qtype thing domain where.
s/tx (\d+) (\d+) (\S+) (\S+) (.*)/"tx $1 " . queryType($2) . " $3 $4 $5"/e;
# nodata server ttl qtype thing.
s/nodata (\S+) (\d+) (\d+) (\S+)/"nodata $1 " . queryType($2) . " $3 $4"/e;
# cached qtype info.
s/cached (\d+)/"cached " . queryType($1)/e;
# convert stuff like 127.0.0.2:0422:05be 1 to something more descriptive.
# query slot-id host:port qid qtype thing
s/\b([\d.]+):(\w+):(\w+) (\d+) ([-.\w]+)/printQueryLine($1, $2, $3, $4, $5)/e;
# convert rr messages.
s/rr (\S+) (\d+) (\S+) (\S+) (\S+)/printRRLine($1, $2, $3, $4, $5)/e;
### subs
sub printQueryLine {
my ($host, $port, $query_id, $query_type, $query) = @_;
# pad hostname
my $ret = "$host:";
$ret .= hex($port);
$ret .= ":" . hex($query_id);
$ret .= " " . queryType($query_type) . " $query";
return $ret;
}
sub printRRLine {
my ($host, $ttl, $query_type, $thing, $data) = @_;
my $ret = "rr ";
#$ret .= "$host " . padd(6, $ttl) . " ";
## - ckubu add: TTL=
$ret .= "$host TTL=" . padd(6, $ttl) . " ";
$ret .= queryType($query_type) . " $thing ";
if ($query_type == 16) { # it's a txt record
# the first byte is the length. we skip it.
$data = substr($data, 2);
$ret .= "\"" . unpack("A*", pack("H*", $data)) . "\"";
} else {
$ret .= "$data";
}
return $ret;
}
sub queryType {
my ($type) = shift;
my $ret = "";
# i only list the ones that are in dnscache's dns.h.
SWITCH: {
($type == 1) && do { $ret = "a"; last SWITCH; };
($type == 2) && do { $ret = "ns"; last SWITCH; };
($type == 5) && do { $ret = "cname"; last SWITCH; };
($type == 6) && do { $ret = "soa"; last SWITCH; };
($type == 12) && do { $ret = "ptr"; last SWITCH; };
($type == 13) && do { $ret = "hinfo"; last SWITCH; };
($type == 15) && do { $ret = "mx"; last SWITCH; };
($type == 16) && do { $ret = "txt"; last SWITCH; };
($type == 17) && do { $ret = "rp"; last SWITCH; };
($type == 24) && do { $ret = "sig"; last SWITCH; };
($type == 25) && do { $ret = "key"; last SWITCH; };
($type == 28) && do { $ret = "aaaa"; last SWITCH; };
($type == 252) && do { $ret = "axfr"; last SWITCH; };
($type == 255) && do { $ret = "any"; last SWITCH; };
do { $ret .= "$type "; last SWITCH; };
}
return $ret;
}
# there has to be a better way
sub pads {
my ($amount, $item) = @_;
return sprintf "%" . $amount . "s", $item;
}
sub padd {
my ($amount, $item) = @_;
return sprintf "%0" . $amount . "d", $item;
}