[Bro] Additional Records in DNS
christopher.p.crawford at gmail.com
Wed Jul 10 13:04:04 PDT 2013
I'm trying to write a bro script that pulls out authoritative nameservers
and additional records from DNS.
I think I need the the dns_EDNS_addl event to get at that part of a DNS
reply, since the dns_edns_additional structure seems like it has the
information I'm looking for:
Unfortunately, it looks like dns_EDNS_addl isn't implemented yet:
318 # TODO: figure out how to handle these
324 #event dns_EDNS_addl(c: connection, msg: dns_msg, ans:
Has anyone worked out a way to grab this information from a DNS reply?
If not, could anyone point me in the right direction so that I can roll my
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro