Capturing in dnscap is done within user-space today and solely using libpcap,
this limits the performance to the CPU, kernel interfaces and libpcap version
(which can be very poor depending on kernel and libpcap versions).
This project would try and add support for various hardware toolkit for
network cards such as DPDK, by looking at integrating with other libraries
such as libmoon and snabb or using DPDK and other toolkit directly.
The plugin support in dnscap today is based on dynamic loaded libraries and
the interface for this is not optimal. There is also no proper development
files / headers / environment / documentation for this which makes it hard to
create new plugins.
This project would add support for making plugins in script languages were
there is support to add an engine, such as LUA, Python, Perl and optionally
The CBOR DNS Stream (CDS) format is an experimental output format that exists
in dnscap today but has to be enable during compilation. The format has been
developed to describe DNS and any surrounding meta information at a much lower
space requirement then raw packets. It can deliver this today at around 30% of
the size of PCAPs.
This project would continue the work on CDS and move the code to a standalone
library. This library will be changed to use omg-dns to parse DNS (which
was actually based on the experimental code of CDS) and will have support for