[Bro-Dev] DNS TXT Queries and the Cache File
Vlad Grigorescu
vladg at cmu.edu
Sat Nov 3 15:01:33 PDT 2012
Thanks, Robin.
I tested master, and it wasn't working properly for me. I traced the problem to the simplification of DNS_Mgr::AsyncLookupName. For both lookups, it was using AsyncRequestNameMap. I split off the processing of TXT queries so that it'd use AsyncRequestTextMap. That was committed in: <https://github.com/grigorescu/bro/commit/a1c0b853fe180ee0dc97880653d2d274b7e08e21>.
I also have a couple of other small commits, which are ready in <https://github.com/grigorescu/bro/commits/topic/vladg/dns_txt_queries>. One has some fixes for the BIF, and one switches the MHR script to use TXT queries, with a newly introduced threshold.
I tested these manually, and they work for me. Unfortunately, I don't have any good ideas on how we'd go about writing some tests for the TXT queries - this was the one case where being able to load the cache from a file did seem useful.
--Vlad
On Nov 1, 2012, at 4:39 PM, Robin Sommer <robin at icir.org> wrote:
> Thanks, I've merged this in, can you try master and see if it works
> for you?
>
>> e let me know if anyone sees any issues. There is a save TXT
>> function, but there is no capability to read the data back from a
>> file, as I mentioned. If someone wants to take a stab to getting that
>> working properly, please feel free. Otherwise, let me know and I'll
>> remove the save function.
>
> I've removed it, don't think we need it. If we wanted to bring it
> back, that's easy to do.
>
> Robin
>
> --
> Robin Sommer * Phone +1 (510) 722-6541 * robin at icir.org
> ICSI/LBNL * Fax +1 (510) 666-2956 * www.icir.org
> _______________________________________________
> bro-dev mailing list
> bro-dev at bro-ids.org
> http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
More information about the bro-dev
mailing list