mirror of https://github.com/OISF/suricata
cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2918a75da1
packets. Where rcode isn't "no error" this is displayed in both DNS and JSON logs. Note that this changes the current "No such domain" to "NXDOMAIN" in DNS logs. This could be fixed if desired to maintain compatibility with anybody crazy enough to parse the DNS log. When the rcode is not "no error" (for example NXDOMAIN or SERVFAIL) it is unlikely that there will be answer RRs. Therefore the rname from the query is used. Because the rcode applies to a whole answer packet (not individual queries) it is impossible to determine which query RR caused the error. Because of this most DNS servers currently reject multiple queries per packet. Therefore each query RR is output instead with the relevant error code, likely to be FORMERR if queries > 1. |
11 years ago | |
|---|---|---|
| benches | ||
| contrib | 12 years ago | |
| doc | 11 years ago | |
| lua | 11 years ago | |
| m4 | ||
| qa | 11 years ago | |
| rules | 11 years ago | |
| scripts | 11 years ago | |
| src | 11 years ago | |
| .gitignore | ||
| .travis.yml | 11 years ago | |
| COPYING | ||
| ChangeLog | 11 years ago | |
| LICENSE | ||
| Makefile.am | 11 years ago | |
| Makefile.cvs | ||
| acsite.m4 | ||
| autogen.sh | ||
| classification.config | ||
| config.rpath | ||
| configure.ac | 11 years ago | |
| doxygen.cfg | 12 years ago | |
| reference.config | 11 years ago | |
| suricata.yaml.in | 11 years ago | |
| threshold.config | ||