DNS
Types, errors, and fields for analyzing DNS data. A helper file for DNS analysis scripts.
Namespace: | DNS |
---|---|
Source File: | /scripts/base/protocols/dns/consts.bro |

Identifier : Type | Description |
---|---|
DNS::ANY : count | A QTYPE value describing a request for all records. |
DNS::EDNS : count | An OPT RR TYPE value described by EDNS. |
DNS::PTR : count | RR TYPE value for a domain name pointer. |
DNS::base_errors : table &default = function &optional | Errors used for non-TSIG/EDNS types. |
DNS::classes : table &default = function &optional | Possible values of the CLASS field in resource records or QCLASS field in query messages. |
DNS::edns_zfield : table &default = "?" &optional | This deciphers EDNS Z field values. |
DNS::query_types : table &default = function &optional | Mapping of DNS query type codes to human readable string representation. |

DNS::ANY
Type: | count |
---|---|
Default: | 255 |
A QTYPE value describing a request for all records.
DNS::EDNS
Type: | count |
---|---|
Default: | 41 |
An OPT RR TYPE value described by EDNS.
DNS::PTR
Type: | count |
---|---|
Default: | 12 |
RR TYPE value for a domain name pointer.
DNS::base_errors
Type: | table [count] of string |
---|---|
Attributes: | &default = function &optional |
Default: |
{
[17] = "BADKEY",
[5] = "REFUSED",
[9] = "NOTAUTH",
[10] = "NOTZONE",
[22] = "BADTRUNC",
[15] = "unassigned-15",
[2] = "SERVFAIL",
[20] = "BADNAME",
[16] = "BADVERS",
[6] = "YXDOMAIN",
[1] = "FORMERR",
[14] = "unassigned-14",
[13] = "unassigned-13",
[18] = "BADTIME",
[3] = "NXDOMAIN",
[4] = "NOTIMP",
[3842] = "BADSIG",
[0] = "NOERROR",
[8] = "NXRRSet",
[11] = "unassigned-11",
[19] = "BADMODE",
[21] = "BADALG",
[7] = "YXRRSET",
[12] = "unassigned-12"
}
Errors used for non-TSIG/EDNS types.
DNS::classes
Type: | table [count] of string |
---|---|
Attributes: | &default = function &optional |
Default: |
{
[2] = "C_CSNET",
[1] = "C_INTERNET",
[255] = "C_ANY",
[3] = "C_CHAOS",
[4] = "C_HESOD",
[254] = "C_NONE"
}
Possible values of the CLASS field in resource records or QCLASS field in query messages.
DNS::edns_zfield
Type: | table [count] of string |
---|---|
Attributes: | &default = "?" &optional |
Default: |
{
[32768] = "DNS_SEC_OK",
[0] = "NOVALUE"
}
This deciphers EDNS Z field values.
DNS::query_types
Type: | table [count] of string |
---|---|
Attributes: | &default = function &optional |
Default: |
{
[10] = "NULL",
[35] = "NAPTR",
[37] = "CERT",
[44] = "SINK",
[8] = "MG",
[15] = "MX",
[4] = "MF",
[21] = "RT",
[9] = "MR",
[20] = "ISDN",
[36] = "KX",
[49] = "DHCID",
[18] = "AFSDB",
[2] = "NS",
[34] = "ATMA",
[46] = "RRSIG",
[14] = "MINFO",
[41] = "EDNS",
[102] = "GID",
[7] = "MB",
[250] = "TSIG",
[249] = "TKEY",
[29] = "LOC",
[252] = "AXFR",
[31] = "NIMLOC",
[32768] = "TA",
[26] = "PX",
[100] = "DINFO",
[13] = "HINFO",
[1] = "A",
[19] = "X25",
[255] = "*",
[42] = "APL",
[33] = "SRV",
[103] = "UNSPEC",
[253] = "MAILB",
[43] = "DS",
[16] = "TXT",
[40] = "SINK",
[23] = "NSAP-PTR",
[11] = "WKS",
[32769] = "DLV",
[22] = "NSAP",
[38] = "A6",
[30] = "EID",
[28] = "AAAA",
[257] = "CAA",
[27] = "GPOS",
[48] = "DNSKEY",
[6] = "SOA",
[5] = "CNAME",
[32] = "NB",
[99] = "SPF",
[3] = "MD",
[254] = "MAILA",
[17] = "RP",
[47] = "NSEC",
[39] = "DNAME",
[25] = "KEY",
[251] = "IXFR",
[101] = "UID",
[24] = "SIG",
[12] = "PTR",
[45] = "SSHFP"
}
Mapping of DNS query type codes to human readable string representation.