/dnstop, Diagnose tcpdump trace for DNS queries/replies
20140915nb2, Package name:
dnstop-20140915nb2, Maintainer: pkgsrc-users
dnstop is a libpcap application (ala tcpdump) that displays various
tables of DNS traffic on your network. Currently dnstop displays
* Source IP addresses
* Destination IP addresses
* Query types
* Top level domains
* Second level domains
Required to build:
Master sites: SHA1:
Version history: (Expand)
- (2015-08-18) Updated to version: dnstop-20140915nb2
- (2015-08-18) Updated to version: dnstop-20140915nb1
- (2015-08-15) Updated to version: dnstop-20140915
- (2013-02-12) Updated to version: dnstop-20090128nb1
- (2012-06-11) Package has been reborn
- (2012-06-11) Package deleted from pkgsrc
CVS history: (Expand)
| 2017-01-04 11:01:44 by Roy Marples | Files touched by this commit (1) |
Use the curses framework.
| 2015-11-04 01:35:47 by Alistair G. Crooks | Files touched by this commit (748) |
Add SHA512 digests for distfiles for net category
Problems found with existing digests:
Package haproxy distfile haproxy-1.5.14.tar.gz
Problems found locating distfiles:
Package bsddip: missing distfile bsddip-1.02.tar.Z
Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
Package djbdns: missing distfile djbdns-cachestats.patch
Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
Package gated: missing distfile gated-3-5-11.tar.gz
Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
Package poink: missing distfile poink-1.6.tar.gz
Package ra-rtsp-proxy: missing distfile rtspd-src-188.8.131.52.tar.gz
Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
Package waste: missing distfile waste-source.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
| 2015-08-18 09:31:20 by Thomas Klausner | Files touched by this commit (282) |
Bump all packages that depend on curses.bui* or terminfo.bui* since they
might incur ncurses dependencies on some platforms, and ncurses just bumped
Some packages were bumped twice now, sorry for that.
| 2015-08-17 19:11:32 by Thomas Klausner | Files touched by this commit (178) | |
Bump PKGREVISION for ncurses shlib bump.
| 2015-08-14 23:21:24 by Leonardo Taccari | Files touched by this commit (3) | |
Update net/dnstop to dnstop-20140915, based on patches from Benedek Gergely
ok by wiz@.
2014/09/12 Duane Wessels
Added 'new-gtlds' filter, which includes only queries for names
ending with one of the new (2013/2014) generic TLDs. This may
be useful to find hosts/servers using internal names which may
collide with new gTLDs once they become active. If you use
short (not fully qualified) names internally you may be uknownlying
relying on root (or other) name servers to return NXDOMAIN for
them. If so, "you're gonna have a bad time."
Along with this new feature, TLD lists are now hashed in the
code for faster lookups.
2012/11/30 Duane Wessels
Added more entries to the table of known query type names (HINFO,
AFSDB, PX, SSHFP, NSEC3, NSEC3PARAM, TLSA, DLV).
2012/10/15 Duane Wessels
The 'refused' filter only works on responses, which are not
processed by default. Now, if the 'refused' filter is specified,
dnstop will automatically process responses and ignore queries.
2012/06/11 Duane Wessels
Added "qtype-any" filter for displaying ANY queries which are
now fashionable in DNS based attacks.
2011/05/02 Duane Wessels
Anand Buddhev pointed out that LDFLAGS= is missing from Makefile.in.
Also updated known_tlds.h.
2011/01/27 Duane Wessels
Fixed some portability bugs (OpenBSD, gmake 3.82) and other
Added a feature (-n option) to restrict counting to a given
2011/01/05 Duane Wessels
Found a fixed a few problems after spending some quality time
looking at the code.
1) Hash table performance was terrible and has been improved.
The hash table size is now configurable via command line
2) Some things were double-counted when both -Q and -R were
3) Added cumulative percentage totals to the tables
4) Added -X option to disable the source+queryname tables, which
could consume a lot of memory.
5) Imported "inX_addr" mini-library for storing IPv4/IPv6
2010/12/27 Duane Wessels
Fixed a bug where if stdout was a TTY but stdin was not a TTY,
then dnstop would enter a loop on keyboard input and consume
100% CPU. Now it checks that stdin is a TTY as well.
| 2013-02-06 20:31:06 by Jonathan Perkin | Files touched by this commit (76) | |
PKGREVISION bumps for net/libpcap update.
| 2012-10-23 19:19:22 by Aleksej Saushev | Files touched by this commit (671) |
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
| 2009-07-25 12:26:17 by OBATA Akio | Files touched by this commit (2) | |
Update dnstop to 20090128.
Based on PR 41779 by Fredrik Pettai.
I added a new feature to dnstop today that filters on "refused" \
This might be useful in tracking the ongoing DNS-based DDoS attacks.
To use this new feature:
dnstop -R -f refused eth0
The interesting changes came in a patch from Dave Plonka:
Fixed a bug that cause dnstop to Memory fault when processing
a DNS packet greater than PCAP_SNAPLEN (previously 1460) bytes
Raised PCAP_SNAPLEN to 65535 to avoid truncating large DNS
Eliminated unnecessary stack buffers and memcpy calls when
Also some variables have been added to the Makefile at the request
of a packager so that it may be easier to customize where files are