ldns-dpa command examples

ldns-dpa – DNS Packet Analyzer. Analyze DNS packets in IP trace files.

#ldns-dpa -u packetsize -p test.tr

Count all the different packet sizes in test.tr and show the percentages.

#ldns-dpa -f "edns=1&qr=0" -of edns.tr test.tr

Filter out all EDNS-enabled queries in test.tr and put them in edns.tr.

#ldns-dpa -f edns=1 -c tc=1 -u rcode test.tr

For all edns packets, count the number of truncated packets and all their rcodes in test.tr.
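To make the field names in the command above concrete, the following added Python example (not part of the original page and not ldns-dpa's own code) decodes qr, opcode, tc, rcode and EDNS presence from raw DNS messages and applies the same filter-then-count logic as `-f edns=1 -c tc=1 -u rcode`. The messages are constructed sample input, the function names are hypothetical, and treating "edns=1" as "an OPT record (type 41) is present" is an assumption about how the tool defines that field.

```python
import struct
from collections import Counter

def build_msg(qr, tc, rcode, edns):
    """Constructed sample DNS message for example.com (not captured traffic)."""
    flags = (qr << 15) | (tc << 9) | rcode            # opcode 0 = QUERY
    header = struct.pack("!6H", 0x1234, flags, 1, 0, 0, 1 if edns else 0)
    question = b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1)
    # OPT pseudo-RR: root name, TYPE 41, CLASS = UDP size, TTL 0, RDLEN 0
    opt = (b"\x00" + struct.pack("!HHIH", 41, 4096, 0, 0)) if edns else b""
    return header + question + opt

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + n

def parse(msg):
    """Decode the header fields that the filter expressions refer to."""
    _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    f = {"qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
         "tc": (flags >> 9) & 1, "rcode": flags & 0xF, "edns": 0}
    off = 12
    for _ in range(qd):           # question: name + QTYPE + QCLASS
        off = skip_name(msg, off) + 4
    for _ in range(an + ns + ar): # walk every RR looking for OPT (type 41)
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if rtype == 41:
            f["edns"] = 1
    return f

def analyze(msgs):
    """Filter edns=1, then count tc=1 and tally the distinct rcodes."""
    kept = [f for f in map(parse, msgs) if f["edns"] == 1]
    return len(kept), sum(f["tc"] for f in kept), Counter(f["rcode"] for f in kept)

SAMPLE = [build_msg(0, 0, 0, True),   # EDNS query
          build_msg(1, 1, 0, True),   # truncated EDNS response, NOERROR
          build_msg(1, 0, 3, True),   # EDNS response, NXDOMAIN
          build_msg(1, 1, 0, False),  # truncated response without EDNS
          build_msg(0, 0, 0, False)]  # plain query

if __name__ == "__main__":
    print(analyze(SAMPLE))
```
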

#ldns-dpa -c tc=1,qr=0,qr=1,opcode=QUERY test.tr

For all packets, count the number of truncated packets, the number of packets with qr=0, the number of packets with qr=1 and the number of queries in test.tr.

#ldns-dpa -u packetsize -ua test.tr

Show all packet sizes and the average packet size per packet.

 

#ldns-dpa -u srcaddress -uac test.tr

Show all packet source addresses and the average number of packets sent from this address.

#sudo tcpdump -i eth0 -s 0 -U -w - port 53 | ldns-dpa -f qr=0 -sf

Print all query packets seen on the specified interface.
