#
# https://en.wikipedia.org/wiki/List_of_DNS_record_types
#
-# Note that mapping here is non-exhaustive, and that tinydns will
-# log responses for record types that it does not know about.
+# This list *should* be exhaustive, and we hope it is, because the log
+# parser will now crash if it encounters a type it doesn't know about.
QUERY_TYPE_NAME = {
1: "a",
2: "ns",
+ 3: "md",
+ 4: "mf",
5: "cname",
6: "soa",
+ 7: "mb",
+ 8: "mg",
+ 9: "mr",
+ 10: "null",
+ 11: "wks",
12: "ptr",
13: "hinfo",
+ 14: "minfo",
15: "mx",
16: "txt",
17: "rp",
+ 18: "afsdb",
+ 19: "x25",
+ 20: "isdn",
+ 21: "rt",
+ 22: "nsap",
+ 23: "nsap-ptr",
24: "sig",
25: "key",
+ 26: "px",
+ 27: "gpos",
28: "aaaa",
+ 29: "loc",
+ 30: "nxt",
+ 31: "eid",
+ 32: "nimloc",
33: "srv",
+ 34: "atma",
35: "naptr",
+ 36: "kx",
+ 37: "cert",
38: "a6",
+ 39: "dname",
+ 40: "sink",
+ 41: "opt",
+ 42: "apl",
+ 43: "ds",
+ 44: "sshfp",
+ 45: "ipseckey",
+ 46: "rrsig",
+ 47: "nsec",
48: "dnskey",
+ 49: "dhcid",
+ 50: "nsec3",
+ 51: "nsec3param",
52: "tlsa",
+ 53: "smimea",
+ 55: "hip",
+ 56: "ninfo",
+ 57: "rkey",
+ 58: "talink",
+ 59: "cds",
+ 60: "cdnskey",
+ 61: "openpgpkey",
+ 62: "csync",
+ 63: "zonemd",
+ 64: "svcb",
65: "https",
+ 99: "spf",
+ 100: "uinfo",
+ 101: "uid",
+ 102: "gid",
+ 103: "unspec",
+ 104: "nid",
+ 105: "l32",
+ 106: "l64",
+ 107: "lp",
+ 108: "eui48",
+ 109: "euc64",
+ 249: "tkey",
+ 250: "tsig",
+ 251: "ixfr",
252: "axfr",
+ 253: "mailb",
+ 254: "maila",
255: "any",
- 257: "caa"
+ 256: "uri",
+ 257: "caa",
+ 259: "doa",
+ 32768: "ta",
+ 32769: "dlv"
}
def convert_ip(ip : str) -> str:
"""
qt = words[i]
- words[i] = QUERY_TYPE_NAME.get(int(qt), qt)
+ words[i] = QUERY_TYPE_NAME[int(qt)]
def handle_dnscache_log(line : str) -> Optional[str]:
r"""
request_id = int(request_id, 16)
# Convert the "type" field to a human-readable record type name
- # using the query_type dictionary. If the right name isn't present
- # in the dictionary, we use the (decimal) type id instead.
- query_type = int(query_type, 16) # "001c" -> 28
- query_type = QUERY_TYPE_NAME.get(query_type, type) # 28 -> "aaaa"
+ # using the query_type dictionary.
+ query_type = int(query_type, 16) # "001c" -> 28
+ query_type = QUERY_TYPE_NAME.get(query_type) # 28 -> "aaaa"
line_tpl = "{timestamp} "
name, as in https://en.wikipedia.org/wiki/List_of_DNS_record_types.
While dnscache logs the id in decimal, tinydns records it in
hexadecimal (for example, \(dq001c\(dq) necessitating a hex->decimal
-conversion before we can look up its name. Decimal numbers with
-no entry in the id->name mapping are output as-is.
+conversion before we can look up its name.
.P
The following transformations are specific to tinydns:
projects / djbdns-logparse.git / commitdiff