DNSDecoder will now produce real-time output for UDP query/response pairs by using packetHandler to process UDP packets immediately. UDP state is tracked like connections, with a (client_addr,server_addr) tuple and DNS IDs being used to track queries and responses.
DNSHandler is called at response time with a Packet object (parent class of Connection) based on the current UDP packet. All other args passed to DNSHandler remain the same. A postModule method is used to flush outstanding UDP state at shutdown.
Tested as compatible with decoders/dns/dns.py on sample traffic.
DNSDecoder will now produce real-time output for UDP query/response pairs by using packetHandler to process UDP packets immediately. UDP state is tracked like connections, with a (client_addr,server_addr) tuple and DNS IDs being used to track queries and responses.
DNSHandler is called at response time with a Packet object (parent class of Connection) based on the current UDP packet. All other args passed to DNSHandler remain the same. A postModule method is used to flush outstanding UDP state at shutdown.
Tested as compatible with decoders/dns/dns.py on sample traffic.