Wireshark · Ethereal-users: Re: [Ethereal-users] how to capture only DNS packets by applying filter in ethereal?

Ethereal-users: Re: [Ethereal-users] how to capture only DNS packets by applying filter in ether

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>

Date: Wed, 18 Feb 2004 01:49:23 -0800

On Mon, Feb 16, 2004 at 11:28:20PM -0800, vadiraj kulkarni wrote:
> Since i am interested only in the DNS packet, i tried
> to apply a filter udp port 53
> By applying the filter, i am getting only DNS query
> pakcets. Not able to see DNS response.

Are the responses being sent to, or from, port 53?  If not, then you'll
have to use some filter that also handles whatever port they're using.

I have no problem seeing DNS queries and responses from/to "nslookup" on
my machine, using the filter "udp port 53".

References:
- [Ethereal-users] how to capture only DNS packets by applying filter in ethereal?
  - From: vadiraj kulkarni

Prev by Date: Re: [Ethereal-users] ethereal: capture raw 802.11 frames
Next by Date: [Ethereal-users] capturing last part of large file transfer
Previous by thread: [Ethereal-users] how to capture only DNS packets by applying filter in ethereal?
Next by thread: Re: [Ethereal-users] how to capture only DNS packets by applying filter in ethereal?
Index(es):
- Date
- Thread