DNS-OARC · jelu · Jun 22, 2018 · Jun 18, 2018
diff --git a/.gitmodules b/.gitmodules
diff --git a/README.md b/README.md
@@ -56,7 +56,6 @@ OpenBSD: `pkg_add luajit` + manual install of libpcap, liblmdb and libck
 ```shell
 git clone https://github.com/DNS-OARC/dnsjit
 cd dnsjit
-git submodule update --init
 sh autogen.sh
 ./configure
 make
@@ -98,6 +97,7 @@ Following example display the DNS ID found in queries.
 require("dnsjit.core.objects")
 local input = require("dnsjit.input.pcap").new()
 local layer = require("dnsjit.filter.layer").new()
+local dns = require("dnsjit.core.object.dns").new()
 
 input:open_offline(arg[2])
 layer:producer(input)
@@ -107,8 +107,8 @@ while true do
     local object = producer(ctx)
     if object == nil then break end
     if object:type() == "payload" then
-        local dns = require("dnsjit.core.object.dns").new(object)
-        if dns and dns:parse() == 0 then
+        dns.obj_prev = object
+        if dns:parse_header() == 0 then
             print(dns.id)
         end
     end

diff --git a/configure.ac b/configure.ac
@@ -51,7 +51,7 @@ AC_HEADER_TIME
 AX_PTHREAD
 AC_CHECK_LIB([pcap], [pcap_open_live], [], [AC_MSG_ERROR([libpcap not found])])
 AC_CHECK_HEADER([pcap/pcap.h], [], [AC_MSG_ERROR([libpcap header not found])])
-AC_CHECK_HEADERS([endian.h sys/endian.h machine/endian.h sys/time.h])
+AC_CHECK_HEADERS([endian.h sys/endian.h machine/endian.h sys/time.h byteswap.h])
 AC_CHECK_FUNCS([pcap_create pcap_set_tstamp_precision pcap_set_immediate_mode])
 AC_CHECK_FUNCS([pcap_set_tstamp_type pcap_setdirection sched_yield])
 AC_CHECK_FUNCS([pcap_open_offline_with_tstamp_precision pcap_activate])

diff --git a/examples/Makefile.am b/examples/Makefile.am
@@ -16,5 +16,5 @@
 # You should have received a copy of the GNU General Public License
 # along with dnsjit.  If not, see <http://www.gnu.org/licenses/>.
 
-dist_doc_DATA = dumpdns.lua dumpdns-qr.lua filter_rcode.lua playqr.lua \
+dist_doc_DATA = dumpdns.lua dumpdns-qr.lua filter_rcode.lua respdiff.lua \
   readme.lua replay.lua test_pcap_read.lua test_throughput.lua
diff --git a/examples/dumpdns-qr.lua b/examples/dumpdns-qr.lua
@@ -9,6 +9,12 @@ end
 local object = require("dnsjit.core.objects")
 local input = require("dnsjit.input.pcap").new()
 local layer = require("dnsjit.filter.layer").new()
+local dns = require("dnsjit.core.object.dns").new()
+local label = require("dnsjit.core.object.dns.label")
+
+local ffi = require("ffi")
+local labels = require("dnsjit.core.object.dns.label").new(16)
+local q = require("dnsjit.core.object.dns.q").new()
 
 input:open_offline(pcap)
 layer:producer(input)
@@ -20,24 +26,25 @@ local responses = {}
 while true do
     local obj = producer(ctx)
     if obj == nil then break end
-    if obj:type() == "payload" then
+    local pl = obj:cast()
+    if obj:type() == "payload" and pl.len > 0 then
         local transport = obj.obj_prev
         while transport do
-            if transport.obj_type == object.CORE_OBJECT_IP or transport.obj_type == object.CORE_OBJECT_IP6 then
+            if transport.obj_type == object.IP or transport.obj_type == object.IP6 then
                 break
             end
             transport = transport.obj_prev
         end
         local protocol = obj.obj_prev
         while protocol do
-            if protocol.obj_type == object.CORE_OBJECT_UDP or protocol.obj_type == object.CORE_OBJECT_TCP then
+            if protocol.obj_type == object.UDP or protocol.obj_type == object.TCP then
                 break
             end
             protocol = protocol.obj_prev
         end
 
-        local dns = require("dnsjit.core.object.dns").new(obj)
-        if transport and protocol and dns and dns:parse() == 0 then
+        dns.obj_prev = obj
+        if transport and protocol and dns:parse_header() == 0 then
             transport = transport:cast()
             protocol = protocol:cast()
 
@@ -48,18 +55,18 @@ while true do
                     dst = transport:destination(),
                     dport = protocol.dport,
                     id = dns.id,
-                    rcode = dns.rcode,
+                    rcode = dns.rcode_tostring(dns.rcode),
                 })
             else
-                if dns.questions > 0 and dns:rr_next() == 0 and dns:rr_ok() then
+                if dns.qdcount > 0 and dns:parse_q(q, labels, 16) == 0 then
                     table.insert(queries, {
                         src = transport:source(),
                         sport = protocol.sport,
                         dst = transport:destination(),
                         dport = protocol.dport,
                         id = dns.id,
-                        qname = dns:rr_label(),
-                        qtype = dns:rr_type(),
+                        qname = label.tooffstr(dns, labels, 16),
+                        qtype = dns.type_tostring(q.type)
                     })
                 end
             end

diff --git a/examples/dumpdns.lua b/examples/dumpdns.lua
@@ -9,6 +9,7 @@ end
 local object = require("dnsjit.core.objects")
 local input = require("dnsjit.input.pcap").new()
 local layer = require("dnsjit.filter.layer").new()
+local dns = require("dnsjit.core.object.dns").new()
 
 input:open_offline(pcap)
 layer:producer(input)
@@ -17,24 +18,25 @@ local producer, ctx = layer:produce()
 while true do
     local obj = producer(ctx)
     if obj == nil then break end
-    if obj:type() == "payload" then
+    local pl = obj:cast()
+    if obj:type() == "payload" and pl.len > 0 then
         local transport = obj.obj_prev
         while transport do
-            if transport.obj_type == object.CORE_OBJECT_IP or transport.obj_type == object.CORE_OBJECT_IP6 then
+            if transport.obj_type == object.IP or transport.obj_type == object.IP6 then
                 break
             end
             transport = transport.obj_prev
         end
         local protocol = obj.obj_prev
         while protocol do
-            if protocol.obj_type == object.CORE_OBJECT_UDP or protocol.obj_type == object.CORE_OBJECT_TCP then
+            if protocol.obj_type == object.UDP or protocol.obj_type == object.TCP then
                 break
             end
             protocol = protocol.obj_prev
         end
 
-        local dns = require("dnsjit.core.object.dns").new(obj)
-        if transport and protocol and dns and dns:parse() == 0 then
+        dns.obj_prev = obj
+        if transport and protocol then
             transport = transport:cast()
             protocol = protocol:cast()
             print(protocol:type().." "..transport:source()..":"..tonumber(protocol.sport).." -> "..transport:destination()..":"..tonumber(protocol.dport))

diff --git a/examples/filter_rcode.lua b/examples/filter_rcode.lua
@@ -10,6 +10,7 @@ end
 local object = require("dnsjit.core.objects")
 local input = require("dnsjit.input.pcap").new()
 local layer = require("dnsjit.filter.layer").new()
+local dns = require("dnsjit.core.object.dns").new()
 
 input:open_offline(pcap)
 layer:producer(input)
@@ -18,17 +19,18 @@ local producer, ctx = layer:produce()
 while true do
     local obj = producer(ctx)
     if obj == nil then break end
-    if obj:type() == "payload" then
+    local pl = obj:cast()
+    if obj:type() == "payload" and pl.len > 0 then
         local transport = obj.obj_prev
         while transport do
-            if transport.obj_type == object.CORE_OBJECT_IP or transport.obj_type == object.CORE_OBJECT_IP6 then
+            if transport.obj_type == object.IP or transport.obj_type == object.IP6 then
                 break
             end
             transport = transport.obj_prev
         end
 
-        local dns = require("dnsjit.core.object.dns").new(obj)
-        if transport and dns and dns:parse() == 0 and dns.have_rcode == 1 and dns.rcode == rcode then
+        dns.obj_prev = obj
+        if transport and dns and dns:parse_header() == 0 and dns.have_rcode == 1 and dns.rcode == rcode then
             transport = transport:cast()
             print(dns.id, transport:source().." -> "..transport:destination())
         end