Unirec output: change mapping of DNS fields

Lukas955 · Lukas955 · commit cbc4418ac9c8 · 2020-03-18T10:33:33.000+01:00
Old DNS fields (based on CESNET exporter extension) have been replaced by Flowmon DNS fields
diff --git a/extra_plugins/output/unirec/config/unirec-elements.txt b/extra_plugins/output/unirec/config/unirec-elements.txt
@@ -33,17 +33,22 @@ DIR_BIT_FIELD                  uint8         _internal_dbf_   # Bit field used f
 LINK_BIT_FIELD                 uint64        _internal_lbf_   # Bit field of links on which was flow seen
 
 # --- DNS specific fields ---
-DNS_ANSWERS                    uint16        e8057id0         # DNS answers
-DNS_RCODE                      uint8         e8057id1         # DNS rcode
-DNS_NAME                       string        e8057id2         # DNS name
-DNS_QTYPE                      uint16        e8057id3         # DNS qtype
-DNS_CLASS                      uint16        e8057id4         # DNS class
-DNS_RR_TTL                     uint32        e8057id5         # DNS rr ttl
-DNS_RLENGTH                    uint16        e8057id6         # DNS rlenght
-DNS_RDATA                      bytes         e8057id7         # DNS rdata
-DNS_PSIZE                      uint16        e8057id8         # DNS payload size
-DNS_DO                         uint8         e8057id9         # DNS DNSSEC OK bit
-DNS_ID                         uint16        e8057id10        # DNS transaction id
+DNS_ID                         uint16        e39499id110      # DNS transaction id
+DNS_FLAGS                      uint16        e39499id111      # DNS header flags
+DNS_CNT_QUESTIONS              uint16        e39499id112      # DNS questions
+DNS_CNT_ANSWERS                uint16        e39499id113      # DNS answers
+DNS_CNT_AUTHS                  uint16        e39499id114      # DNS auth. records
+DNS_CNT_ADDIT                  uint16        e39499id115      # DNS additional records
+DNS_Q_NAME                     string        e39499id121      # DNS query name
+DNS_Q_TYPE                     uint16        e39499id122      # DNS query type
+DNS_Q_CLASS                    uint16        e39499id123      # DNS query class
+DNS_RR_NAME                    string        e39499id116      # DNS RR name
+DNS_RR_TYPE                    uint16        e39499id117      # DNS RR type
+DNS_RR_CLASS                   uint16        e39499id118      # DNS RR class
+DNS_RR_TTL                     uint32        e39499id119      # DNS RR ttl
+DNS_RR_RDATA                   bytes         e39499id120      # DNS RR rdata
+DNS_RR_RLENGTH                 uint16        e39499id124      # DNS RR rlenght
+# Note: Old fields DNS_RCODE, DNS_PSIDE and DNS_DO are not available anymore...
 
 # --- SMTP specific fields ---
 #SMTP_FLAGS                     uint8         e8057id200       # SMTP flags
