DNS loopkup should use UDP packet, and you have to construct UDP request
based on your captured IP addresses in your module.
And you have to use DNS server fallback lists and time-out control if some DNS
server cannot work well.
based on your captured IP addresses in your module.
And you have to use DNS server fallback lists and time-out control if some DNS
server cannot work well.
--
Regards,
shhuiw
shhuiw
At 2014-07-08 08:01:02, "Sudip Mukherjee" <sudipm.mukherjee@xxxxxxxxx> wrote: >On Tue, Jul 8, 2014 at 4:52 PM, shhuiw <shhuiw@xxxxxxx> wrote: >> Hi, >> >> I think you need refer to some open source DNS client utilities, e.g >> http://en.wikipedia.org/wiki/Nslookup. >> >> - shhuiw > >just have a look at the source code of nslookup command ... it does >the same thing as what u want ... > >but in many cases it will not work , as many domain names have shared >ip address . > > >> >> >> At 2014-07-08 06:26:23, "Hettiarachchige Hasitha Shan" <hh_shan@xxxxxxxx> >> wrote: >> >> I have a requirement to obtain the domain name from the destination IP from >> an outgoing packet. I am successful in capturing and obtaining the >> destination IP packets using the `netfilter` hook as shown below. >> >> unsigned int hook_func_out(unsigned int hooknum, struct sk_buff * skb, >> const struct net_device *in, const struct net_device *out, int >> (*okfn)(struct sk_buff*)) >> { >> >> ofs = 20; // Set theoffset to skip over the IP header. >> >> { >> struct iphdr *ip_header = (struct iphdr >> *)skb_network_header(skb); >> struct udphdr *udp_header; >> struct tcphdr * tcp_header; >> >> //Ican obtain the destination IP address of the packet >> //like this >> unsigned int dest_ip = (unsigned int)ip_header->daddr; >> >> //or like this >> char pkt_tbuf[16]; >> snprintf(pkt_tbuf, 16, "%pI4", &ip_header->daddr); >> >> //here I need to obtain the domain name of the obtained >> destination address >> } >> } >> >> However, I have no idea on how to use that IP to obtain the domain name of >> the obtained IP. >> >> I tried many sources >> (https://www.google.com/search?client=ubuntu&channel=fs&q=linux+kernel+programming+domain+name+from+IP+&ie=utf-8&oe=utf-8) >> but did find any related information on the subject and will be really >> grateful if you experts would provide any sample code/ references to perform >> this task :) >> >> Thank you very much :) >> >> >> >> >> _______________________________________________ >> Kernelnewbies mailing list >> Kernelnewbies@xxxxxxxxxxxxxxxxx >> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies >> > >_______________________________________________ >Kernelnewbies mailing list >Kernelnewbies@xxxxxxxxxxxxxxxxx >http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
