From 270a3d6ee526f5ba415493abbdc23aa87ac16585 Mon Sep 17 00:00:00 2001
From: Menno Duursma <druiloor@zonnet.nl>
Date: Tue, 11 May 2010 20:01:31 +0200
Subject: network/dnstop: Added to 12.0 repository

---
 network/dnstop/README | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 network/dnstop/README

(limited to 'network/dnstop/README')

diff --git a/network/dnstop/README b/network/dnstop/README
new file mode 100644
index 0000000000..4465add979
--- /dev/null
+++ b/network/dnstop/README
@@ -0,0 +1,26 @@
+dnstop is a libpcap  application (ala tcpdump) that displays various tables of DNS traffic on your network. Currently dnstop displays tables of:
+
+    * Source IP addresses
+    * Destination IP addresses
+    * Query types
+    * Response codes
+    * Opcodes
+    * Top level domains
+    * Second level domains
+    * Third level domains
+    * etc...
+
+dnstop supports both IPv4 and IPv6 addresses.
+
+To help find especially undesirable DNS queries, dnstop provides a number of filters. The filters tell dnstop to display only the following types of queries:
+
+    * For unknown/invalid TLDs
+    * A queries where the query name is already an IP address
+    * PTR queries for RFC1918 address space 
+
+dnstop can either read packets from the live capture device, or from a tcpdump savefile.
+
+--
+Unless modified, this script compiles with PPP frame support.
+
+Homepage: http://dns.measurement-factory.com/tools/dnstop/
-- 
cgit v1.2.3