github/weave-scope
1
0
Fork 0
mirror of https://github.com/weaveworks/scope.git synced 2026-03-03 18:20:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Skip DNS length field (only included over TCP)

Browse Source
This commit is contained in:
Alfonso Acosta
2016-09-23 13:51:19 +00:00
parent 6f95d05c59
commit 326208c395
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
probe/endpoint/dns_snooper_linux_amd64.go
View File

@@ -112,6 +112,7 @@ func (s *DNSSnooper) Stop() {
}
// Gopacket doesn't provide direct support for DNS over TCP, see https://github.com/google/gopacket/issues/236
// TODO: deal with TCP fragmentation and out-of-order segments
type tcpWithDNSSupport struct {
tcp layers.TCP
}
@@ -126,7 +127,15 @@ func (m *tcpWithDNSSupport) NextLayerType() gopacket.LayerType {
}
return m.tcp.NextLayerType()
}
func (m *tcpWithDNSSupport) LayerPayload() []byte { return m.tcp.LayerPayload() }
func (m *tcpWithDNSSupport) LayerPayload() []byte {
payload := m.tcp.LayerPayload()
// Omit the DNS length field, only included
// in TCP, in order to reuse the DNS UDP parser
if len(payload) > 1 && (m.tcp.SrcPort == 53 || m.tcp.DstPort == 53) {
payload = payload[2:]
}
return payload
}
func (s *DNSSnooper) run() {
var (