wtfbbqhax
diff --git a/‎Containerfile‎
Lines changed: 1 addition & 1 deletion b/‎Containerfile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎piglet-bpf-filter/.gitignore‎ renamed to ‎bin/.gitignore‎ b/‎piglet-bpf-filter/.gitignore‎ renamed to ‎bin/.gitignore‎
diff --git a/‎piglet-bpf-filter/Makefile‎ renamed to ‎bin/Makefile‎
Lines changed: 1 addition & 1 deletion b/‎piglet-bpf-filter/Makefile‎ renamed to ‎bin/Makefile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎piglet-bpf-filter/daq_print.cc‎ renamed to ‎bin/daq_print.cc‎
Lines changed: 18 additions & 17 deletions b/‎piglet-bpf-filter/daq_print.cc‎ renamed to ‎bin/daq_print.cc‎
Lines changed: 18 additions & 17 deletions
diff --git a/‎piglet-bpf-filter/daq_print.h‎ renamed to ‎bin/daq_print.h‎ b/‎piglet-bpf-filter/daq_print.h‎ renamed to ‎bin/daq_print.h‎
diff --git a/‎bin/dns-hog‎
2.65 MB b/‎bin/dns-hog‎
2.65 MB
diff --git a/‎piglet-bpf-filter/piglet-bpf-filter.cc‎ renamed to ‎bin/dns_hog.cc‎
Lines changed: 7 additions & 9 deletions b/‎piglet-bpf-filter/piglet-bpf-filter.cc‎ renamed to ‎bin/dns_hog.cc‎
Lines changed: 7 additions & 9 deletions
diff --git a/‎bin/pcaps/dns-label-loop.pcap‎
216 Bytes b/‎bin/pcaps/dns-label-loop.pcap‎
216 Bytes
diff --git a/‎piglet-bpf-filter/pcaps/dns.pcap‎ renamed to ‎bin/pcaps/dns.pcap‎ b/‎piglet-bpf-filter/pcaps/dns.pcap‎ renamed to ‎bin/pcaps/dns.pcap‎
diff --git a/‎include/packet/dns.h‎
Lines changed: 1 addition & 1 deletion b/‎include/packet/dns.h‎
Lines changed: 1 addition & 1 deletion
@@ -1,5 +1,5 @@
 # Using www.github.com/wtfbbqhax/krakatoa
-FROM arm64v8/krakatoa AS libpacket_dev_env
+FROM amd64/krakatoa AS libpacket_dev_env
 
 USER root
 RUN apk update
 
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-piglet-bpf-filter: piglet-bpf-filter.cc daq_print.cc daq_print.h
+dns-hog: dns_hog.cc daq_print.cc daq_print.h
 	c++ -ggdb -std=c++14 -lstdc++ $^ -lpcap -ldaq -lpacket -o $@ 
 
 clean:
 
@@ -36,22 +36,22 @@ int print_dns(dns const& dns)
 {
     bool is_response = DNS_QR(dns.h.flags);
 
-    if (is_response)
+    //if (is_response)
     {
-            printf("[dns response] [rcode:%d, id:%d, qdcount: %d, ancount: %d, nscount: %d, arcount:%d]\n",
+        printf("[dns] [rcode:%d, id:%d, qdcount: %d, ancount: %d, nscount: %d, arcount:%d]\n",
             DNS_RCODE(dns.h.flags),
             dns.h.id,
             dns.h.qdcount,
             dns.h.ancount,
             dns.h.nscount,
             dns.h.arcount);
     }
-    else
-    {
-            printf("[dns query] [id:%d, qdcount: %d]\n",
-            dns.h.id,
-            dns.h.qdcount);
-    }
+    //else
+    //{
+    //    printf("[dns query] [id:%d, qdcount: %d]\n",
+    //        dns.h.id,
+    //        dns.h.qdcount);
+    //}
 
     // Parsing Question Section
     for (int i = 0; i < dns.h.qdcount; i++)
@@ -78,7 +78,11 @@ int print_dns(dns const& dns)
         {
             inet_ntop(AF_INET, a.data.data(), addr, sizeof(addr));
             human.append(addr, strnlen(addr, INET6_ADDRSTRLEN));
-
+        }
+        else if (a.dns_atype == 28)
+        {
+            inet_ntop(AF_INET6, a.data.data(), addr, sizeof(addr));
+            human.append(addr, strnlen(addr, INET6_ADDRSTRLEN));
         }
         else
         {
@@ -95,6 +99,7 @@ int print_dns(dns const& dns)
     //    (void)dns[0].questions[i].dns_qclass;
     }
 
+    printf("\n");
     return 0;
 }
 
@@ -179,21 +184,17 @@ print_packet(int const instance_id, DAQ_PktHdr_t const* hdr, uint8_t const * dat
                 packet_frag_mf(&packet) ? "mf" : "");
     }
 
+    uint32_t max = packet_paysize(&packet);
+    const uint8_t *payload = packet_payload(&packet);
     if (sport == 53 || dport == 53)
     {
         dns _dns;
-        decode_dns(packet_payload(&packet),
-                packet_paysize(&packet),
-                &_dns);
+        decode_dns(payload, max, &_dns);
         print_dns(_dns);
     }
 
-    uint32_t max = packet_paysize(&packet);
-    const uint8_t *payload = packet_payload(&packet);
     max = max > 128 ? 128 : max;
-    print_data(payload, max);
-
-    //print_data(data, len);
+    //print_data(payload, max);
 
 #ifdef PRINT_PACKET_STATS
     // Packet stats are useful for determining decoding errors
 
@@ -21,9 +21,7 @@
 #include <packet/dns.h>
 #include <pcap.h>
 
-//#include <sfbpf.h>
-//#include <sfbpf_dlt.h>
-
+#define TXT_FG_PURPLE(str)   "\e[35m" str "\e[0m"
 
 #include "daq_print.h"
 
@@ -441,7 +439,8 @@ class DataPlaneWorker
                 }
 
                 verdicts.verdicts[i] = verdict;
-                printf(matched ? "[match|%s] " : "[%s]", str_from_verdict(verdict));
+                printf(matched ? "[" TXT_FG_PURPLE("match") "] " : "");
+		printf("[%s] ", str_from_verdict(verdict));
                 print_packet(id, hdr, data, hdr->pktlen);
             }
         }
@@ -508,9 +507,9 @@ int main(int argc, char const* argv[])
         //{ "debug", "true" },
     };
 
-    if (argc < 3)
+    if (argc < 2)
     {
-        fprintf(stderr, "Usage: piglet-bpf-filter [pass|block|allowlist|blocklist] <BPF expression>\n");
+        fprintf(stderr, "Usage: piglet-bpf-filter <BPF expression>\n");
         exit(1);
     }
 
@@ -520,13 +519,12 @@ int main(int argc, char const* argv[])
 
     DaqConfig pcap_config("pcap", "pcaps/dns.pcap", DAQ_MODE_READ_FILE, vars);
     DataPlaneWorker wk0(pcap_config, 0, filter, match_verdict, default_verdict);
+
     sleep(2);
+
     wk0.stop();
     wk0.join();
 
-    //DataPlaneWorker wk1(vpp_inline_config, 1, filter, match_verdict, default_verdict);
-    //wk1.stop(); wk1.join();
-
     DAQ::unload_modules();
     return 0;
 }
@@ -64,6 +64,6 @@ enum dns_types {
     TYPE_TXT // 16
 };
 
-int decode_dns(uint8_t const *pkt, uint32_t const len, dns* dns);
+extern "C" int decode_dns(uint8_t const *pkt, uint32_t const len, dns* dns);
 
 #endif /* LIBPACKET_DECODE_DNS_H */