search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
netsniff-ng: Add command line option to disable hardware time stamping
[netsniff-ng.git] / staging / dns.c
blob5f9203cbad7f7fb7af1ee442a16c32faf0443de1
1 /*
2 * Mausezahn - A fast versatile traffic generator
3 * Copyright (C) 2008 Herbert Haas
4 *
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License version 2 as published by the
7 * Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
12 * details.
13 *
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, see http://www.gnu.org/licenses/gpl-2.0.html
16 *
17 */
18
19
20
21 ////////////////////////////////////////////////////////////////////
22 //
23 // DNS: Only UDP-based here
24 //
25 ////////////////////////////////////////////////////////////////////
26
27 #include "mz.h"
28 #include "cli.h"
29
30
31 #define MZ_DNS_HELP \
32 "| DNS type: Send Domain Name System Messages.\n" \
33 "|\n" \
34 "| Generally there are two interesting general DNS messages: queries and answers. The easiest\n" \
35 "| way is to use the following syntax:\n" \
36 "|\n" \
37 "| query|q = <name>[:<type>] ............. where type is per default \"A\"\n" \
38 "| (and class is always \"IN\")\n" \
39 "|\n" \
40 "| answer|a = [<type>:<ttl>:]<rdata> ...... ttl is per default 0.\n" \
41 "| = [<type>:<ttl>:]<rdata>/[<type>:<ttl>:]<rdata>/...\n" \
42 "|\n" \
43 "| Note: If you only use the 'query' option then a query is sent. If you additonally add\n" \
44 "| an 'answer' option then an answer is sent.\n" \
45 "|\n" \
46 "| Examples: \n" \
47 "|\n" \
48 "| q = www.xyz.com\n" \
49 "| q = www.xyz.com, a=192.168.1.10\n" \
50 "| q = www.xyz.com, a=A:3600:192.168.1.10\n" \
51 "| q = www.xyz.com, a=CNAME:3600:abc.com/A:3600:192.168.1.10\n" \
52 "|\n" \
53 "| Note: <type> can be: A, CNAME, or any integer\n" \
54 "|\n" \
55 "|\n" \
56 "| OPTIONAL parameter hacks: (if you don't know what you do this might cause invalid packets)\n" \
57 "|\n" \
58 "| Parameter Description query / reply)\n" \
59 "| -------------------------------------------------------------------------------------\n" \
60 "|\n" \
61 "| request/response|reply ..... flag only request / n.a. \n" \
62 "| id ......................... packet id (0-65535) random / random\n" \
63 "| opcode (or op) ............. accepts values 0..15 or one of std / 0 \n" \
64 "| these keywords: \n" \
65 "| = std ................... Standard Query\n" \
66 "| = inv ................... Inverse Query\n" \
67 "| = sts ................... Server Status Request\n" \
68 "| aa or !aa .................. Authoritative Answer UNSET / SET\n" \
69 "| tc or !tc .................. Truncation UNSET / UNSET\n" \
70 "| rd or !rd .................. Recursion Desired SET / SET\n" \
71 "| ra or !ra .................. Recursion Available UNSET / SET\n" \
72 "| z .......................... Reserved (takes values 0..7) 0 / 0 \n" \
73 "| (z=2...authenticated)\n" \
74 "| rcode ...................... Response Code (0..15); interesting 0 / 0 \n" \
75 "| values are:\n" \
76 "| = 0 ...................... No Error Condition\n" \
77 "| = 1 ...................... Unable to interprete query due to format error\n" \
78 "| = 2 ...................... Unable to process due to server failure\n" \
79 "| = 3 ...................... Name in query does not exist\n" \
80 "| = 4 ...................... Type of query not supported\n" \
81 "| = 5 ...................... Query refused\n" \
82 "|\n" \
83 "| Count values (values 0..65535) will be set automatically! You should not set these\n" \
84 "| values manually except you are interested in invalid packets.\n" \
85 "| qdcount (or qdc) ........... Number of entries in question section 1 / 1\n" \
86 "| ancount (or anc) ........... Number of RRs in answer records section 0 / 1\n" \
87 "| nscount (or nsc) ........... Number of name server RRs in authority 0 / 0\n" \
88 "| records section\n" \
89 "| arcount (or arc) ........... Number of RRs in additional records section 0 / 0\n" \
90 "\n"
91
92
93 int dns_get_query (char* argval);
94 int dns_get_answer (char* argval);
95
96
97
98 // Note: I do NOT use libnet here (had problems with bugs there...)
99 int create_dns_packet ()
100 {
101
102 char *token, *tokenptr, argval[MAX_PAYLOAD_SIZE];
103
104 int i=0,j=0;
105
106 unsigned char *x;
107 u_int16_t tmp;
108
109
110 // 16 bit values:
111 u_int8_t
112 dns_id0 =0, // DNS packet ID
113 dns_id1 =0,
114 dns_flags0 =0, // consists of the flags below
115 dns_flags1 =0,
116 dns_num_q0 =0, // number of questions
117 dns_num_q1 =0,
118 dns_num_ans0 =0, // number of answer resource records
119 dns_num_ans1 =0,
120 dns_num_aut0 =0, // number of authority resource records
121 dns_num_aut1 =0,
122 dns_num_add0 =0, // number of additional resource records
123 dns_num_add1 =0,
124 dns_type0 =0,
125 dns_type1 =0;
126
127
128 // bit fields for dns_flags1: Q/R(1), OPCODE(4), AA(1), TC(1), RD(1)
129 // bit fields for dns_flags0: RA(1), Z(3), RCODE(4)
130 u_int8_t
131 dns_flags_qr, // 1 bit
132 dns_flags_opcode, // 4 bits
133 dns_flags_aa, // 1 bit
134 dns_flags_tc, // 1 bit
135 dns_flags_rd, // 1 bit
136 // ---- next byte -----
137 dns_flags_ra, // 1 bit
138 dns_flags_z, // 3 bits
139 dns_flags_rcode; // 4 bits
140
141
142 u_int8_t
143 dns_packet[MAX_PAYLOAD_SIZE], // finally the whole packet with all sections
144 section[MAX_PAYLOAD_SIZE]; // contains only a section (intermediately)
145 u_int32_t
146 dns_packet_s;
147
148
149
150 if ( (getarg(tx.arg_string,"help", NULL)==1) && (mode==DNS) )
151 {
152 if (mz_port)
153 {
154 cli_print(gcli, "%s", MZ_DNS_HELP);
155 return -1;
156 }
157 else
158 {
159 fprintf(stderr,"\n"
160 MAUSEZAHN_VERSION
161 "\n%s", MZ_DNS_HELP);
162 exit(0);
163 }
164 }
165
166
167 // general defaults:
168 // TODO: define globals in case dns is called by external functions!)
169 // MOST SAFEST AND EASIEST METHOD: define tx.dns_xxxx for default-initialization
170 //
171 dns_id0 = 0x42; // dns_id0 = (u_int8_t) ( ((float) rand()/RAND_MAX)*255);
172 dns_id1 = 0x42;
173
174 dns_flags_qr = 0; // request
175 dns_flags_opcode = 0; // 'standard query' (also for response!)
176
177 dns_type0 = 1; // A record
178 dns_type1 = 0;
179
180
181 i=0;
182
183
184 /////////////////////////////////////////////////////////////////////////////////
185 // Evaluate CLI parameters:
186
187
188 // Handle the query //
189
190 if ( (getarg(tx.arg_string,"query", argval)==1) ||
191 (getarg(tx.arg_string,"q", argval)==1) )
192 {
193
194 (void) dns_get_query (argval); // returns the length in byte dns_num_q0=1;
195
196 // copy the result from gbuf to our local buffer 'section':
197 for (j=0;j<gbuf_s;j++)
198 {
199 section[j]=gbuf[j];
200 }
201
202 i = gbuf_s;
203
204 // Set defaults if not already set by callee.
205 // !! But ONLY set these if there is no additional answer section
206 // !! because then the answer section should set the defaults !!!
207 if ( (getarg(tx.arg_string,"answer", NULL)==0) && // no answer
208 (getarg(tx.arg_string,"a", NULL)==0) )
209 {
210 if (!tx.dp) tx.dp = 53;
211 if (!tx.sp) tx.sp = 42000;
212 }
213
214
215 // These are the defaults for a query:
216 dns_flags_aa = 1; // authoritative answer
217 dns_flags_tc = 0; // not truncated
218 dns_flags_rd = 1; // recursion desired
219 dns_flags_ra = 0; // recursion available
220 dns_flags_z = 0; // FYI: if 010 = 2 = authenticated
221 dns_flags_rcode = 0; // no errors
222 dns_num_q0 = 1; // number of questions
223 }
224
225
226
227 // Handle the answer:
228 //
229 // answer|a = <name>[:<type>[:<class>]]/[<ttl>:]<rdata>\n"
230 if ( (getarg(tx.arg_string,"answer", argval)==1) ||
231 (getarg(tx.arg_string,"a", argval)==1) )
232 {
233
234 // In case there are multiple answer sections seperate them with / or |
235 token = strtok_r(argval,"/|",&tokenptr);
236 do
237 {
238 //then the corresponding answer section:
239 //first create a pointer to the <name>:
240 section[i]=0xc0; // a pointer always starts with MSB=11xxxxxx xxxxxxx = 0xc0
241 i++;
242 section[i]=0x0c; // this number always points to the first query entry
243 i++;
244 //then add rdata
245 dns_num_ans0 += dns_get_answer (token);
246 //NOTE: 'i' points to the next free byte in section[] (see the query handling above)
247 for (j=0;j<gbuf_s;j++)
248 {
249 section[j+i]=gbuf[j];
250 }
251 i=i+gbuf_s; // so 'i' again points to the next free byte in section[]
252 } while ( (token = strtok_r(NULL,"/|",&tokenptr))!=NULL);
253
254 if (!tx.sp) tx.sp = 53;
255 if (!tx.dp) tx.dp = 42000; // should be set by user
256 dns_flags_qr = 1; // response
257 dns_flags_aa = 0; // no authoritative answer
258 dns_flags_tc = 0; // not truncated
259 dns_flags_rd = 1; // recursion desired
260 dns_flags_ra = 0; // recursion not available
261 dns_flags_z = 0; // FYI: if 010 = 2 = authenticated
262 dns_flags_rcode = 0; // no errors
263 }
264
265
266
267 // *** NOTE ***
268 // Now 'i' contains the number of DNS payload bytes = valid bytes in section[]
269 //
270
271
272 ///////////////////////////////////////////////////////////////////////////////////////////////
273 // Now let's handle the optional other commands, if some user really changed them...
274 //
275 //
276
277 if (getarg(tx.arg_string,"id",argval)==1)
278 {
279 tmp = (u_int16_t) str2int (argval);
280 x = (unsigned char*) &tmp;
281
282 dns_id1 = *x;
283 x++;
284 dns_id0 = *x;
285 }
286
287
288 if ( (getarg(tx.arg_string,"opcode", argval)==1) || (getarg(tx.arg_string,"op", argval)==1))
289 {
290 if (strncmp(argval,"std",3)==0) // standard query
291 {
292 dns_flags_opcode = 0;
293 }
294 else if (strncmp(argval,"inv",3)==0) // inverse query
295 {
296 dns_flags_opcode = 1;
297 }
298 else if (strncmp(argval,"sts",3)==0) // status server request
299 {
300 dns_flags_opcode = 2;
301 }
302 else // specified as integer
303 {
304 dns_flags_opcode = (u_int8_t) str2int (argval);
305 if (dns_flags_opcode > 15)
306 {
307 if (!quiet)
308 {
309 fprintf(stderr, "mz/dns: [Warning] Opcode cannot exceed 15 => will reduce to 15!\n");
310 }
311 dns_flags_opcode = 15;
312 }
313 }
314 }
315
316
317
318
319 if (getarg(tx.arg_string,"aa",NULL)==1)
320 {
321 dns_flags_aa = 1;
322 }
323
324 if (getarg(tx.arg_string,"!aa",NULL)==1)
325 {
326 dns_flags_aa = 0;
327 }
328
329 if (getarg(tx.arg_string,"tc",NULL)==1)
330 {
331 dns_flags_tc = 1;
332 }
333
334 if (getarg(tx.arg_string,"!tc",NULL)==1)
335 {
336 dns_flags_tc = 0;
337 }
338
339 if (getarg(tx.arg_string,"rd",NULL)==1)
340 {
341 dns_flags_rd = 1;
342 }
343
344 if (getarg(tx.arg_string,"!rd",NULL)==1)
345 {
346 dns_flags_rd = 0;
347 }
348
349 if (getarg(tx.arg_string,"ra",NULL)==1)
350 {
351 dns_flags_ra = 1;
352 }
353
354 if (getarg(tx.arg_string,"!ra",NULL)==1)
355 {
356 dns_flags_ra = 0;
357 }
358
359 if (getarg(tx.arg_string,"z", argval)==1)
360 {
361 dns_flags_z = (u_int8_t) str2int (argval);
362 if (dns_flags_z > 7)
363 {
364 if (!quiet)
365 {
366 fprintf(stderr, "mz/dns: [Warning] z cannot exceed 7 => will reduce to 7!\n");
367 }
368 dns_flags_z = 7;
369 }
370 }
371
372
373
374 if (getarg(tx.arg_string,"rcode", argval)==1)
375 {
376 dns_flags_rcode = (u_int8_t) str2int (argval);
377 if (dns_flags_rcode > 15)
378 {
379 if (!quiet)
380 {
381 fprintf(stderr, "mz/dns: [Warning] rcode cannot exceed 15 => will reduce to 15!\n");
382 }
383 dns_flags_rcode = 7;
384 }
385 }
386
387
388 if ( (getarg(tx.arg_string,"qdcount", argval)==1) ||
389 (getarg(tx.arg_string,"qdc", argval)==1) ||
390 (getarg(tx.arg_string,"qc", argval)==1) )
391
392 {
393 tmp = (u_int16_t) str2int (argval);
394 x = (unsigned char*) &tmp;
395 dns_num_q1 = *x;
396 x++;
397 dns_num_q0 = *x;
398 }
399
400 if ( (getarg(tx.arg_string,"ancount", argval)==1) ||
401 (getarg(tx.arg_string,"anc", argval)==1) )
402 {
403 tmp = (u_int16_t) str2int (argval);
404 x = (unsigned char*) &tmp;
405 dns_num_ans1 = *x;
406 x++;
407 dns_num_ans0 = *x;
408 }
409
410 if ( (getarg(tx.arg_string,"nscount", argval)==1) ||
411 (getarg(tx.arg_string,"nsc", argval)==1) )
412 {
413 tmp = (u_int16_t) str2int (argval);
414 x = (unsigned char*) &tmp;
415 dns_num_aut1 = *x;
416 x++;
417 dns_num_aut0 = *x;
418 }
419
420 if ( (getarg(tx.arg_string,"arcount", argval)==1) ||
421 (getarg(tx.arg_string,"arc", argval)==1) )
422 {
423 tmp = (u_int16_t) str2int (argval);
424 x = (unsigned char*) &tmp;
425 dns_num_add1 = *x;
426 x++;
427 dns_num_add0 = *x;
428 }
429
430 //
431 // End of optional parameter handling
432 //
433 ///////////////////////////////////////////////////////////////////////////////////////////////
434
435
436
437
438 /////////////////////////////////////////////////////////
439 // Now put all together i. e. create the UDP payload
440 //
441 // bit fields for dns_flags1: Q/R(1), OPCODE(4), AA(1), TC(1), RD(1)
442 // bit fields for dns_flags0: RA(1), Z(3), RCODE(4)
443 //
444 // 7 6 5 4 3 2 1 0
445 // +--+--+--+--+--+--+--+--+
446 // |QR| OPCODE |AA|TC|RD|
447 // +--+--+--+--+--+--+--+--+
448 //
449 //
450 // 7 6 5 4 3 2 1 0
451 // +--+--+--+--+--+--+--+--+
452 // |RA| Z | RCODE |
453 // +--+--+--+--+--+--+--+--+
454 //
455
456 //// Flags: MSB
457 dns_flags_qr <<= 7;
458 dns_flags1 |= dns_flags_qr;
459
460 dns_flags_opcode <<= 3;
461 dns_flags1 |= dns_flags_opcode;
462
463 dns_flags_aa <<= 2;
464 dns_flags1 |= dns_flags_aa;
465
466 dns_flags_tc <<= 1;
467 dns_flags1 |= dns_flags_tc;
468
469 dns_flags1 |= dns_flags_rd;
470
471 //// Flags: LSB
472
473 dns_flags_ra <<= 7;
474 dns_flags0 |= dns_flags_ra;
475
476 dns_flags_z <<= 4;
477 dns_flags0 |= dns_flags_z;
478
479 dns_flags0 |= dns_flags_rcode;
480
481 //// Add header bytes to dns_packet:
482
483 dns_packet[0]=dns_id1;
484 dns_packet[1]=dns_id0;
485
486 dns_packet[2]=dns_flags1;
487 dns_packet[3]=dns_flags0;
488
489 dns_packet[4]=dns_num_q1;
490 dns_packet[5]=dns_num_q0;
491
492 dns_packet[6]=dns_num_ans1;
493 dns_packet[7]=dns_num_ans0;
494
495 dns_packet[8]=dns_num_aut1;
496 dns_packet[9]=dns_num_aut0;
497
498 dns_packet[10]=dns_num_add1;
499 dns_packet[11]=dns_num_add0;
500
501 //// Add sections to dns_packet:
502
503
504 for (j=0; j<i; j++)
505 {
506 dns_packet[12+j] = section[j];
507 }
508
509 //
510 //////////////////////////////////////////////////////////
511
512 dns_packet_s = i+12;
513 tx.udp_payload_s = dns_packet_s;
514
515 // copy the dns_paylod to the udp_payload
516
517 for (j=0; j<tx.udp_payload_s; j++)
518 {
519 tx.udp_payload[j] = dns_packet[j];
520 }
521
522 tx.udp_len = 8 + tx.udp_payload_s;
523
524 return dns_packet_s;
525 }
526
527
528
529 ////////////////////////////////////////////////////////////////////////////////////////////
530 // Accepts a string like "www.perihel.at:A" or "www.perihel.at"
531 // and creates a valid query section using the global gbuf[] and gbuf_s
532 //
533 // query|q = <name>[:<type>]\n"
534 // Return value:
535 // number of queries (currently only 1 query accepted,
536 // hence return value is 1 on success or 0 upon failure
537 //
538 int dns_get_query(char* argval)
539 {
540 char *token, *field, *saveptr1=NULL, *saveptr2=NULL;
541 int i,j, cnt;
542 u_int16_t tmp;
543 unsigned char *x;
544
545 i=0;
546
547 // now get first field: <name>
548 field = strtok_r(argval, ":", &saveptr1);
549
550 // decompose <name> into labels:
551 token = strtok_r(field, ".", &saveptr2);
552
553 do // loop through all labels
554 {
555 cnt = strlen(token);
556 gbuf[i] = cnt;
557 i++;
558 for (j=i; j<(i+cnt);j++)
559 {
560 gbuf[j] = *token;
561 token++;
562 }
563 i+=cnt;
564
565 } while ( (token = strtok_r(NULL, ".", &saveptr2)) != NULL);
566
567 gbuf[i]=0x00;
568 i++; // (always point to next empty byte)
569
570
571 // lets see if <type> has also been specified:
572 if ( (field = strtok_r(NULL, ":", &saveptr1)) !=NULL)
573 {
574 if ( (strncmp(field, "A",1)==0) || (strncmp(field, "a",1)==0) )
575 {
576 tmp = 1;
577 }
578 else
579 {
580 tmp = (u_int16_t) str2int (field);
581 }
582
583 x = (unsigned char*) &tmp;
584
585 gbuf[i] = *(x+1);
586 i++;
587 gbuf[i] = *x;
588 i++;
589 }
590 else // use default type=A
591 {
592 gbuf[i] = 0x00; i++;
593 gbuf[i] = 0x01; i++;
594 }
595
596 // finally add the class=IN:
597 gbuf[i] = 0x00; i++;
598 gbuf[i] = 0x01; i++;
599
600 // this is the number of used bytes:
601 gbuf_s = i;
602
603 //////// TEST
604 /*
605 for (j=0; j<i; j++)
606 {
607 printf("%02x \n",gbuf[j]);
608 }
609 printf("i=%u\n",i);
610 */
611
612 return 1;
613 }
614
615
616
617
618
619
620 //
621 // Given a label (e. g. www.google.com) creates correct bytes in *buf
622 // and returns number of bytes created.
623 // NOTE: Label MUST NOT be longer than 512 characters.
624 //
625 int dns_process_label(char* label, u_int8_t *buf)
626 {
627 char *saveptr=NULL, *token;
628 int i=0, j=0, cnt=0, avoid_buffer_overflow=0;
629
630 token = strtok_r(label, ".", &saveptr);
631
632 do // loop through all labels
633 {
634 cnt = strlen(token);
635 i++;
636 *buf = cnt;
637 buf++;
638 avoid_buffer_overflow++;
639 for (j=0; j<cnt ;j++)
640 {
641 *buf = *token;
642 buf++;
643 avoid_buffer_overflow++;
644 if (avoid_buffer_overflow == 512) return 512;
645 token++;
646 }
647 i+=cnt;
648
649 } while ( (token = strtok_r(NULL, ".", &saveptr)) != NULL);
650 *buf=0x00;
651 i++; // number of total bytes written
652 return i;
653 }
654
655
656
657
658
659 // Accepts a valid triple of type:ttl:rdata and writes anything in gbuf[] and gbuf_s.
660 //
661 // Syntax examples:
662 //
663 // CNAME:3600:abc.com => Depending on type the rdata must be handled differently
664 // A:86400:192.168.1.33 => Up to 3 parameters
665 // A:192.168.1.33 => TTL may be omitted, then TTL=0
666 // 192.168.1.44 => Single parameter can only be an A record
667 //
668 // Other TYPES than A and CNAME are currently not supported and therefore the user must
669 // specify RDATA in hex.
670 //
671
672 int dns_get_answer(char* argval)
673 {
674 char *field, *saveptr1=NULL;
675 char field1[512], field2[512], field3[512];
676 int i, len, num_params;
677 u_int16_t TYPE=1; // A
678 u_int8_t *ptrTYPE;
679 u_int32_t TTL=0;
680 u_int8_t *ptrTTL;
681 u_int16_t RDLEN;
682 u_int8_t *ptrRDLEN;
683 u_int8_t rdata[512];
684
685 field1[0]='\0';
686 field2[0]='\0';
687 field3[0]='\0';
688
689 len = strlen (argval);
690
691 // determine number of occurences of ':'
692 num_params=1;
693 for (i=0; i<len; i++)
694 {
695 if (argval[i]==':') num_params++;
696 }
697 if (num_params>3) return 0; // Error!
698
699 // now get the fields (type, ttl, rdata)
700 field = strtok_r(argval, ":", &saveptr1);
701 strncpy(field1, field, 512);
702 if (num_params>1) // 2 or 3
703 {
704 field = strtok_r(NULL, ":", &saveptr1);
705 strncpy(field2, field, 512);
706 if (num_params==3)
707 {
708 field = strtok_r(NULL, ":", &saveptr1);
709 strncpy(field3, field, 512);
710 }
711 }
712
713
714 // Now we have all parameters in field1, field2, and field3.
715 // But field2 and/or field3 might be empty.
716
717 switch (num_params)
718 {
719 case 1: // only RDATA specified
720 strncpy(field3, field1, 512);
721 strcpy(field1, "A");
722 strcpy(field2, "0");
723 break;
724 case 2: // TYPE and RDATA
725 strncpy(field3, field2, 512);
726 strcpy(field2, "0");
727 break;
728 }
729
730 //CHECK:
731 //printf("fields: [%s] [%s] [%s]\n",field1,field2,field3);
732
733 //////////////////////////////////////////////////////////////////////
734 // Now create the whole answer section: Type, Class, TTL, RDLEN, RDATA
735
736 //// TYPE
737 if ( (strcmp(field1,"CNAME")==0) ||
738 (strcmp(field1,"cname")==0) )
739 {
740 TYPE=5;
741 gbuf[0]=0x00;
742 gbuf[1]=0x05;
743 }
744 else if ( (strcmp(field1,"A")==0) ||
745 (strcmp(field1,"a")==0) )
746 {
747 TYPE=1;
748 gbuf[0]=0x00;
749 gbuf[1]=0x01;
750 }
751 else // type must be given as number
752 {
753 TYPE = (u_int16_t) str2int(field1);
754 ptrTYPE = (u_int8_t*) &TYPE;
755 gbuf[0]=*(ptrTYPE+1);
756 gbuf[1]=*(ptrTYPE);
757 }
758
759
760 //// CLASS = IN = 0x00 01
761 gbuf[2]= 0x00; gbuf[3]=0x01;
762
763 //// TTL
764 TTL = (u_int32_t) str2int(field2);
765 ptrTTL = (u_int8_t*) &TTL;
766 gbuf[4]= *(ptrTTL+3);
767 gbuf[5]= *(ptrTTL+2);
768 gbuf[6]= *(ptrTTL+1);
769 gbuf[7]= *(ptrTTL+0);
770
771
772 //// RDLEN and RDATA
773 if (TYPE==1) // A
774 {
775 RDLEN = num2hex(field3, rdata); // should be 4 if IP address
776 if (RDLEN!=4)
777 {
778 fprintf(stderr," mz/dns_get_answer: [WARNING] RDATA of A record should contain an IPv4 address (4 bytes).\n");
779 }
780 }
781 else if (TYPE==5) // CNAME
782 {
783 RDLEN = dns_process_label (field3, rdata);
784 if (RDLEN==0)
785 {
786 fprintf(stderr," mz/dns_get_answer: [WARNING] RDATA must contain a domain name.\n");
787 }
788 }
789 else // Any other type
790 {
791 RDLEN = str2hex(field3, rdata, 512); // should be 4 if IP address
792 }
793
794 ptrRDLEN = (u_int8_t*) &RDLEN;
795 gbuf[8] = *(ptrRDLEN+1);
796 gbuf[9] = *(ptrRDLEN+0);
797
798
799 // finally write rdata
800 for (i=0; i<RDLEN; i++)
801 {
802 gbuf[10+i] = rdata[i];
803 }
804 gbuf_s = 10+RDLEN;
805
806 //////// TEST
807 /*
808 for (i=0; i<gbuf_s; i++)
809 {
810 printf("%02x \n",gbuf[i]);
811 }
812 printf("i=%u\n",i);
813 */
814
815 return 1;
816
817 }
netsniff-ng toolkit, the packet sniffing beast, staging tree