用于网络监视器的MDNS解析器 [英] An MDNS parser for network monitor

问题描述

在大多数情况下，mDNS实际上只是DNS.但是，网络监视器似乎并不知道这一点.它只是将其显示到UDP级别.它没有解析我所期望的问题和答案.

mDNS is really just DNS for the most part. However, Network Monitor doesn't seem to know that. It simply displays it up to the UDP level. It does not parse questions and answers as I would expect.

 

是否有用于网络监视器的特定mDNS解析器.无论如何，我可以像对待DNS数据包一样处理它吗?

Is there a specific mDNS parser for network monitor. Is there anyway i can get it to treat mDNS packets like DNS packets?

 

谢谢

 

推荐答案

假设相同，则可以修改UDP.NPL以使用端口5353.这是有关针对适用于不同端口的协议修改netmon解析器的常规常见问题解答.

Assuming it's identical, you can modify UDP.NPL to use port 5353.  Here's a general FAQ about modifying netmon parsers for protocols that work on different ports.

http://social.technet .microsoft.com/wiki/contents/articles/network-monitor-3-frequently-asked-questions.aspx#HowCanITellNetworkMonitorToParse

以下是您所做更改的摘要.

Here's a summary of the change you make.

struct UDPPayload(srcPort, destPort) = FormatString("SourcePort = %d, DestinationPort = %d", srcPort, destPort)
{
	[Local.UDPPort.AddToProperty(srcPort, ADD_TO_PROPERTY_FLAG_NO_DUPLICATES), 
	Local.UDPPort.AddToProperty(destPort, ADD_TO_PROPERTY_FLAG_NO_DUPLICATES)]
	switch(Local.UDPPort)
	{
		case  53:
		case	5353:
			DNS Dns;

这篇关于用于网络监视器的MDNS解析器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！