[dnstap] dnstap file support for Wireshark

Robert Edmonds edmonds at isc.org
Wed Jun 26 21:38:01 UTC 2013


I've added rudimentary dnstap support to Wireshark.  It's on the
"branches/dnstap" branch in this GitHub repository:

    https://github.com/dnstap/wireshark/tree/branches/dnstap

This only supports the dnstap file format (which is really simple), so
it doesn't do any decoding of the actual frame or its content, which is
the really interesting part.  That is, to be useful, we also need
support for "dissection" of dnstap payloads to Wireshark, which will be
somewhat tricky since Wireshark doesn't appear to have a Protocol
Buffers decoder in-tree.

Attached is a screenshot showing Wireshark displaying the raw dnstap
frames.

-- 
Robert Edmonds
edmonds at isc.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dnstap_wireshark.png
Type: image/png
Size: 144645 bytes
Desc: not available
URL: <http://lists.redbarn.org/pipermail/dnstap/attachments/20130626/fca7aea6/attachment-0001.png>

