[RFC] More user-friendly verbose output for DNS flags #445
Labels
Comments
|
Man page maybe? |
|
Allright, the original report explains that tcpdump only displays 2 of the 3 flags, and for DNS responses only and requests that tcpdump displays all 3 flags and for both directions and uses the existing AD/DO/CD namespace instead of its own. |
|
Should I prepare patch adding support for 3rd flag and introduce new ouput then? |
|
That is a good idea, this at least can put the intended changes into the discussion scope. |
|
Update: tcpdump actually prints the EDNS DO bit if given |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi everyone,
I've received complaint from user in bugzilla that it is difficult to distinguish DNS response which has f.e. AD bit set. Right know tcpdump will produce following output for DNS response having AD bit set,
09:35:59.377000 IP localhost.domain > localhost.43144: 20972$ 3/6/13 SSHFP, RRSIG, RRSIG (3012)Note $ character appearing after the transaction ID. Basically question is if tcpdump should provide alternative output to this, i.e.
20972 [AD]if verbose is set?I think it would be reasonable to do that because dissector output is not documented anywhere afaik and you have to look to the source code of the dissector to find out what $ character actually means.
https://bugzilla.redhat.com/show_bug.cgi?id=1164048
The text was updated successfully, but these errors were encountered: