Add filter on DNS answer

ntop · Oct 30, 2024 · e845c19 · e845c19
1 parent 4238328
commit e845c19
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 0 deletions.
diff --git a/scripts/locales/en.lua b/scripts/locales/en.lua
@@ -2195,6 +2195,7 @@ local lang = {
             ["confidence"] = "Confidence",
             ["country"] = "Country",
             ["dga_domain_name"] = "Requested Domain Name",
+            ["dns_answer"] = "DNS Answer",
             ["domain_name"] = "Domain Name",
             ["dscp_id"] = "DSCP ID",
             ["dst2src_dscp"] = "Server DSCP",

diff --git a/scripts/lua/modules/historical_flow_utils.lua b/scripts/lua/modules/historical_flow_utils.lua
@@ -1453,6 +1453,7 @@ function historical_flow_utils.get_tags()
    flow_defined_tags["user_agent"] = tag_utils.defined_tags["user_agent"]
    flow_defined_tags["last_server"] = tag_utils.defined_tags["last_server"]
    flow_defined_tags["netbios_name"] = tag_utils.defined_tags["netbios_name"]
+   flow_defined_tags["dns_answer"] = tag_utils.defined_tags["dns_answer"]
    flow_defined_tags["mdns_answer"] = tag_utils.defined_tags["mdns_answer"]
    flow_defined_tags["mdns_name"] = tag_utils.defined_tags["mdns_name"]
    flow_defined_tags["mdns_name_txt"] = tag_utils.defined_tags["mdns_name_txt"]

diff --git a/scripts/lua/modules/http_lint.lua b/scripts/lua/modules/http_lint.lua
@@ -2016,6 +2016,7 @@ local known_parameters = {
    ["alert_granularity"] = validateNumber,                                            -- An alert granularity
    ["entity"] = validateNumber,                                                       -- An alert entity type
    ["by_24h"] = validateBool,                                                         -- Used to know if the new or the old timeseries format is requested
+   ["dns_answer"] = validateListOfTypeInline(validateFilters(validateSingleWord)),
    ["role"] = validateListOfTypeInline(validateFilters(validateSingleWord)),          -- attacker/victim
    ["role_cli_srv"] = validateListOfTypeInline(validateFilters(validateSingleWord)),  -- client/server
    ["l7_error_id"] = validateListOfTypeInline(validateFilters(validateNumber)),       -- client/server

diff --git a/scripts/lua/modules/tag_utils.lua b/scripts/lua/modules/tag_utils.lua
@@ -470,6 +470,16 @@ tag_utils.defined_tags = {
         i18n_label = i18n('db_search.tags.netbios_name'),
         operators = { 'eq', 'neq', 'in', 'nin' }
     },
+    dns_answer = {
+        value_type = 'dns_answer',
+        i18n_label = i18n('db_search.tags.dns_answer'),
+        operators = { 'eq', 'neq', 'in', 'nin' }
+    },
+    dns_answer = {
+        value_type = 'dns_answer',
+        i18n_label = i18n('db_search.tags.dns_answer'),
+        operators = { 'eq', 'neq', 'in', 'nin' }
+    },
     mdns_answer = {
         value_type = 'mdns_answer',
         i18n_label = i18n('db_search.tags.mdns_answer'),