[Snort-devel] snort dns Preprocessor

rohan dora dora.rohan at ...2499...
Fri May 6 00:45:02 EDT 2016


Hell0 all,

I was browsing through the code of *DNS Dynamic preprocessor*(*spp_dns.c*)
of Snort 2.9.1.

*Objective*

To count the number of DNS Queries that are made by my machine to DNS
server(may be local/Remote doesn't matter).

*Problem*

Right now, DNS Dynamic preprocessor is able to track responses that are
coming from DNS server to my machine,*however it is not able to track/see
the DNS queries that my machine makes*.

I know that DNS Preprocessor is meant for analysing the responses of Remote
server,But i added some code(Some if conditions,print statements) to track
DNS queries.

Anyone ,having ideas what could be the problem or is this the right
approach(modifying code in spp_dns.c) ?

Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20160506/a52ea90d/attachment.html>


More information about the Snort-devel mailing list