dnscap is a network capture utility designed specifically for DNS

traffic.  It normally produces binary data in pcap(3) format, either
on standard output or in successive dump files (based on the -w
command line option.)  This utility is similar to tcpdump(1), but
has finer grained packet recognition tailored to DNS transactions
and protocol options.  dnscap is expected to be used for gathering
continuous research or audit traces.

WWW: https://www.dns-oarc.net/tools/dnscap

PR:		ports/127433
Submitted by:	Edwin Groothuis <edwin@mavetju.org>

6 files changed, 92 insertions, 0 deletions

diff --git a/dns/Makefile b/dns/Makefile
index 62f215fc7861..4f76ac0136ef 100644
--- a/dns/Makefile
+++ b/dns/Makefile
@@ -24,6 +24,7 @@
     SUBDIR += dnrd
     SUBDIR += dns_balance
     SUBDIR += dns_mre
+    SUBDIR += dnscap
     SUBDIR += dnscheck
     SUBDIR += dnsdoctor
     SUBDIR += dnsflood
diff --git a/dns/dnscap/Makefile b/dns/dnscap/Makefile
new file mode 100644
index 000000000000..8f8b61f241a4
--- /dev/null
+++ b/dns/dnscap/Makefile
@@ -0,0 +1,27 @@
+#
+# Ports collection makefile for:	dns/dnscap
+# Whom:					Edwin Groothuis <edwin@mavetju.org>
+# Date created:				2008-09-17
+#
+# $FreeBSD$
+
+PORTNAME=	dnscap
+DISTVERSION=	1.0-RC6
+CATEGORIES=	dns
+MASTER_SITES=	http://www.mavetju.org/download/adopted/
+
+MAINTAINER=	edwin@mavetju.org
+COMMENT=	DNS network traffic capture utility
+
+USE_BZIP2=	yes
+
+WRKSRC=		${WRKDIR}/dnscap/
+
+MAN1=		dnscap.1
+PLIST_FILES=	bin/dnscap
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/dnscap ${PREFIX}/bin
+	${INSTALL_MAN} ${WRKSRC}/dnscap.1 ${PREFIX}/man/man1
+
+.include <bsd.port.mk>
diff --git a/dns/dnscap/distinfo b/dns/dnscap/distinfo
new file mode 100644
index 000000000000..d51cbfdf4e2b
--- /dev/null
+++ b/dns/dnscap/distinfo
@@ -0,0 +1,3 @@
+MD5 (dnscap-1.0-RC6.tar.bz2) = 2a863029f2eba59891ea3b4fb52c40c2
+SHA256 (dnscap-1.0-RC6.tar.bz2) = 7751ff964c09ffb0b1a8ce82358546232a3980ef59e305522ccfd260ff6dad52
+SIZE (dnscap-1.0-RC6.tar.bz2) = 18777
diff --git a/dns/dnscap/files/patch-Makefile b/dns/dnscap/files/patch-Makefile
new file mode 100644
index 000000000000..38e8ab8a2fe7
--- /dev/null
+++ b/dns/dnscap/files/patch-Makefile
@@ -0,0 +1,14 @@
+RCS file: /proj/cvsroot/dnscap/Makefile,v
+retrieving revision 1.17
+diff -u -r1.17 Makefile
+--- Makefile	22 Apr 2008 00:37:44 -0000	1.17
++++ Makefile	17 Sep 2008 04:49:10 -0000
+@@ -50,6 +50,8 @@
+ #PORTLIBS= -lhplx
+ 
+ # uncomment these if you're building on FreeBSD or where fp_nquery() is in libc
++HAVE_BINDLIB= 9
++BINDLIB= -lbind9
+ #PORTCFLAGS=
+ #PORTLDFLAGS=
+ #PORTLIBS=
diff --git a/dns/dnscap/files/patch-dump_dns.c b/dns/dnscap/files/patch-dump_dns.c
new file mode 100644
index 000000000000..12aaa395c3eb
--- /dev/null
+++ b/dns/dnscap/files/patch-dump_dns.c
@@ -0,0 +1,38 @@
+diff -u -r1.2 dump_dns.c
+--- dump_dns.c	14 Mar 2008 21:33:28 -0000	1.2
++++ dump_dns.c	17 Sep 2008 04:49:12 -0000
+@@ -61,7 +61,6 @@
+ #include <time.h>
+ #include <unistd.h>
+ 
+-extern const char *_res_opcodes[];
+ extern const char *_res_sectioncodes[];
+ #define p_rcode __p_rcode
+ extern const char *p_rcode(int rcode);
+@@ -87,6 +86,26 @@
+ 	(cp) += INT32SZ; \
+ } while (0)
+ 
++
++const char *_res_opcodes[] = {
++        "QUERY",
++        "IQUERY",
++        "CQUERYM",
++        "CQUERYU",      /*%< experimental */
++        "NOTIFY",       /*%< experimental */
++        "UPDATE",
++        "6",
++        "7",
++        "8",
++        "9",
++        "10",
++        "11",
++        "12",
++        "13",
++        "ZONEINIT",
++        "ZONEREF",
++};
++
+ #include "dump_dns.h"
+ 
+ void
diff --git a/dns/dnscap/pkg-descr b/dns/dnscap/pkg-descr
new file mode 100644
index 000000000000..d614b77b5958
--- /dev/null
+++ b/dns/dnscap/pkg-descr
@@ -0,0 +1,9 @@
+dnscap is a network capture utility designed specifically for DNS
+traffic.  It normally produces binary data in pcap(3) format, either
+on standard output or in successive dump files (based on the -w
+command line option.)  This utility is similar to tcpdump(1), but
+has finer grained packet recognition tailored to DNS transactions
+and protocol options.  dnscap is expected to be used for gathering
+continuous research or audit traces.
+
+WWW: https://www.dns-oarc.net/tools/dnscap