From c9532db83e2ec099edf3b1a689a7c09851b9144f Mon Sep 17 00:00:00 2001 From: Marco Cadetg Date: Tue, 5 Aug 2025 07:43:52 +0200 Subject: [PATCH] improve dns dpi info --- src/network/dpi/dns.rs | 44 +++++++++++++++++++++++++++++++++- src/network/types.rs | 54 +++++++++++++++++++++++++++++++++++++----- 2 files changed, 91 insertions(+), 7 deletions(-) diff --git a/src/network/dpi/dns.rs b/src/network/dpi/dns.rs index ec2dc4c..17afc74 100644 --- a/src/network/dpi/dns.rs +++ b/src/network/dpi/dns.rs @@ -62,10 +62,52 @@ pub fn analyze_dns(payload: &[u8]) -> Option { let qtype = u16::from_be_bytes([payload[offset], payload[offset + 1]]); info.query_type = Some(match qtype { 1 => DnsQueryType::A, - 28 => DnsQueryType::AAAA, + 2 => DnsQueryType::NS, 5 => DnsQueryType::CNAME, + 6 => DnsQueryType::SOA, + 12 => DnsQueryType::PTR, + 13 => DnsQueryType::HINFO, 15 => DnsQueryType::MX, 16 => DnsQueryType::TXT, + 17 => DnsQueryType::RP, + 18 => DnsQueryType::AFSDB, + 24 => DnsQueryType::SIG, + 25 => DnsQueryType::KEY, + 28 => DnsQueryType::AAAA, + 29 => DnsQueryType::LOC, + 33 => DnsQueryType::SRV, + 35 => DnsQueryType::NAPTR, + 36 => DnsQueryType::KX, + 37 => DnsQueryType::CERT, + 39 => DnsQueryType::DNAME, + 42 => DnsQueryType::APL, + 43 => DnsQueryType::DS, + 44 => DnsQueryType::SSHFP, + 45 => DnsQueryType::IPSECKEY, + 46 => DnsQueryType::RRSIG, + 47 => DnsQueryType::NSEC, + 48 => DnsQueryType::DNSKEY, + 49 => DnsQueryType::DHCID, + 50 => DnsQueryType::NSEC3, + 51 => DnsQueryType::NSEC3PARAM, + 52 => DnsQueryType::TLSA, + 53 => DnsQueryType::SMIMEA, + 55 => DnsQueryType::HIP, + 59 => DnsQueryType::CDS, + 60 => DnsQueryType::CDNSKEY, + 61 => DnsQueryType::OPENPGPKEY, + 62 => DnsQueryType::CSYNC, + 63 => DnsQueryType::ZONEMD, + 64 => DnsQueryType::SVCB, + 65 => DnsQueryType::HTTPS, + 108 => DnsQueryType::EUI48, + 109 => DnsQueryType::EUI64, + 249 => DnsQueryType::TKEY, + 250 => DnsQueryType::TSIG, + 256 => DnsQueryType::URI, + 257 => DnsQueryType::CAA, + 32768 => DnsQueryType::TA, + 32769 => DnsQueryType::DLV, other => DnsQueryType::Other(other), }); } diff --git a/src/network/types.rs b/src/network/types.rs index 1537760..fe29fe0 100644 --- a/src/network/types.rs +++ b/src/network/types.rs @@ -175,12 +175,54 @@ pub struct DnsInfo { #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum DnsQueryType { - A, - AAAA, - CNAME, - MX, - TXT, - Other(u16), + A, // 1 + NS, // 2 + CNAME, // 5 + SOA, // 6 + PTR, // 12 + HINFO, // 13 + MX, // 15 + TXT, // 16 + RP, // 17 + AFSDB, // 18 + SIG, // 24 + KEY, // 25 + AAAA, // 28 + LOC, // 29 + SRV, // 33 + NAPTR, // 35 + KX, // 36 + CERT, // 37 + DNAME, // 39 + APL, // 42 + DS, // 43 + SSHFP, // 44 + IPSECKEY, // 45 + RRSIG, // 46 + NSEC, // 47 + DNSKEY, // 48 + DHCID, // 49 + NSEC3, // 50 + NSEC3PARAM, // 51 + TLSA, // 52 + SMIMEA, // 53 + HIP, // 55 + CDS, // 59 + CDNSKEY, // 60 + OPENPGPKEY, // 61 + CSYNC, // 62 + ZONEMD, // 63 + SVCB, // 64 + HTTPS, // 65 + EUI48, // 108 + EUI64, // 109 + TKEY, // 249 + TSIG, // 250 + URI, // 256 + CAA, // 257 + TA, // 32768 + DLV, // 32769 + Other(u16), // For any other type } #[derive(Debug, Clone)]