@yalla
Created December 7, 2012 19:26
tshark Lua script to create firewall rules from DNS inspection. Run with:
tshark -n -i $if -X lua_script:nintendo_dns.lua
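-- Display filter: DNS over UDP with at least one answer record
local _filter = '(udp.port == 53) && (dns.count.answers >= 1)'
-- Whitelist containing allowed RRs (doesn't work yet)
-- Lua patterns escape a literal dot as "%.", not "\."
local _whitelist = {"nintendo%..+$", "nintendowifi%.net$"}
-- Field extractors for dns.qry.name and dns.resp.addr
local qryname = Field.new("dns.qry.name")
local ipaddr = Field.new("dns.resp.addr")
-- Create listener; the filter variable is _filter (a bare 'filter' is nil here)
local dns_tap = Listener.new(nil, _filter)
function dns_tap.packet(pinfo)
    local qry = qryname()
    if qry == nil then return end
    local q = tostring(qry)
    -- The whitelist should be here...
    -- Note: the pattern is anchored only at the end, so it also matches
    -- any name that merely ends in "nintendowifi.net" without a label boundary.
    if q:match("nintendowifi%.net$") ~= nil then
        -- A response can carry several address records; handle each one
        for _, ip in ipairs({ ipaddr() }) do
            -- the real action will go here
            -- Will be something like 'iptables -A nintendo -s $src_ip -d $dst_ip -j ACCEPT'. Or so.
            print("debug: ip = ", tostring(ip))
        end
    end
end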
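
The rule-generation step that the script leaves as a comment, as an added example that is not part of the original gist: it matches the query name on DNS label boundaries instead of an end-anchored pattern, checks that both addresses are well-formed IPv4, and only then builds the iptables line quoted in the script. The function names, the allow-list entries and the sample inputs are assumptions, and `src_ip` is assumed to be the client that asked the question.

```lua
-- Added example: plain Lua, no tshark API. All names here are hypothetical.
-- Sample allow-list entries (assumed); matched as whole-label DNS suffixes.
local ALLOWED_SUFFIXES = { "nintendowifi.net", "nintendo.com" }

-- True when name equals a suffix or ends with "." .. suffix.
local function is_allowed(name)
  name = name:lower():gsub("%.$", "")  -- normalise case, drop trailing root dot
  for _, suffix in ipairs(ALLOWED_SUFFIXES) do
    if name == suffix or name:sub(-(#suffix + 1)) == "." .. suffix then
      return true
    end
  end
  return false
end

-- True for a dotted quad with four octets in 0..255 and nothing else.
local function is_ipv4(s)
  local a, b, c, d = s:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)$")
  if not a then return false end
  for _, octet in ipairs({ a, b, c, d }) do
    if #octet > 3 or tonumber(octet) > 255 then return false end
  end
  return true
end

-- Returns the rule string, or nil plus a reason when any input is rejected.
local function build_rule(qname, src_ip, dst_ip)
  if not is_allowed(qname) then return nil, "name not on allow-list" end
  if not (is_ipv4(src_ip) and is_ipv4(dst_ip)) then
    return nil, "not an IPv4 address"
  end
  return ("iptables -A nintendo -s %s -d %s -j ACCEPT"):format(src_ip, dst_ip)
end

-- Constructed sample inputs: { query name, client address, resolved address }
local samples = {
  { "conntest.nintendowifi.net",    "192.168.1.50", "203.0.113.10" },
  { "NintendoWifi.net.",            "192.168.1.50", "203.0.113.11" },
  { "xnintendowifi.net",            "192.168.1.50", "198.51.100.7" },
  { "nintendowifi.net.example.org", "192.168.1.50", "198.51.100.8" },
  { "conntest.nintendowifi.net",    "192.168.1.50", "203.0.113.999" },
}

for _, s in ipairs(samples) do
  local rule, err = build_rule(s[1], s[2], s[3])
  print(s[1], rule or ("rejected: " .. err))
end
```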