Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
drool(1)		    General Commands Manual		      drool(1)

NAME
       drool - DNS Replay Tool

SYNOPSIS
       drool respdiff [	options	] path name file name host port

DESCRIPTION
       This  tool is to	be used	in conjunction with the	tool-chain respdiff by
       CZ.NIC (see https://gitlab.labs.nic.cz/knot/respdiff).

       It will replay DNS queries found	in the PCAP, but only if a correlating
       response	is also	found, against the target host and port.   The	query,
       original	 response and the received response is then stored into	a LMDB
       database	located	at path.  The name before the PCAP file	and  the  name
       before the target host are stored in the	meta table which should	corre-
       spond  with  the	 configuration	use for	respdiff in order for it to be
       able to read the	results	correctly.

OPTIONS
       These options are specific for the respdiff command, see	 drool(1)  for
       generic options.

       -D     Show DNS queries and responses as	processing goes.

       --no-tcp
	      Do not use TCP.

       --no-udp
	      Do not use UDP.

       -T --threads
	      Use threads.

       --tcp-threads N
	      Set the number of	TCP threads to use, default 2.

       --udp-threads N
	      Set the number of	UDP threads to use, default 4.

       --timeout N.N
	      Set  timeout for waiting on responses [seconds.nanoseconds], de-
	      fault 10.0.

       --size BYTES
	      Set the size (in bytes, multiple of OS page size)	 of  the  LMDB
	      database,	default	10485760.

DATABASE SIZE
       Note that you will need to set a	database size that is large enough for
       all  queries,  all  original  responses,	all received responses and all
       analysis	done by	respdiff tool-chain in order for a successful analysis
       to be done.

EXAMPLE
       This example replays a PCAP file	against	localhost and  then  uses  the
       respdiff	tool-chain to analyze the results.

	 $ drool respdiff /lmdb/path pcap file.pcap target 127.0.0.1 53
	 $ msgdiff.py /lmdb/path
	 $ diffsum.py /lmdb/path

SEE ALSO
       drool(1)

AUTHORS
       Jerry Lundstrm, DNS-OARC

       Maintained by DNS-OARC

	      https://www.dns-oarc.net/

BUGS
       For issues and feature requests please use:

	      https://github.com/DNS-OARC/drool/issues

       For question and	help please use:

	      admin@dns-oarc.net

DNS Replay Tool			     2.0.0			      drool(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=drool-respdiff&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help