/
dnscap
executable file
·64 lines (53 loc) · 1.85 KB
/
dnscap
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/usr/bin/env zsh
#
# Copyright (C) 2015 Dyne.org Foundation
#
# Dowse is designed, written and maintained by Denis Roio <jaromil@dyne.org>
#
# This source code is free software; you can redistribute it
# and/or modify it under the terms of the GNU Public License
# as published by the Free Software Foundation; either
# version 3 of the License, or (at your option) any later
# version.
#
# This source code is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. Please refer to the GNU Public License for more
# details.
#
# You should have received a copy of the GNU Public License
# along with this source code; if not, write to: Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA
# 02139, USA.
dnscap-conf() { return 0; }
dnscap-start() {
fn dnscap-start
conf=${1:-/dev/null}
pid=${2:-$R/run/dnscap.pid}
[[ "$EUID" = 0 ]] || return 1
act "launching dnscap"
# -p Asks that the interface not be put into promiscuous mode.
# -1 Flush the pcap(3) packet dump after every packet.
# -6 recommended for ipv6
# -i interface
# -m [qun] Capture only messages of designated types (query, update, and notify). Default is query.
start-stop-daemon \
--background --pidfile $pid --start --exec /usr/local/bin/dnscap \
--make-pidfile -- -1 -i $interface -x . -X in-addr.arpa \
-P $R/src/dnscap/plugins/dowse/dowse.so \
-o $R/log/dnscap.log -l $R/src/domain-list/data -q
[[ $? = 0 ]] || {
error "problem starting dnscap"
return 1
}
}
dnscap-stop() {
fn dnscap-stop
pidfile=${1:-$R/run/dnscap.pid}
pid=`cat $pidfile`
act "Stopping dnscap ($pid)"
start-stop-daemon --stop --pidfile $pidfile
[[ $? = 0 ]] && waitpid $pid
rm -f $pid
}