Wireshark · Ethereal-users: Re: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?

Ethereal-users: Re: [Ethereal-users] how to capture only DNS packets byapplyingfilter in etherea

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Marco van den Bovenkamp <marco@xxxxxxxxxxxxxxxxxxx>

Date: Thu, 19 Feb 2004 14:42:19 +0100

Moses Hernandez wrote:

The reason you don't see the DNS response is because DNS will not respond
back on port 53 it will only listen on that port for incoming requests.

DNS requests are sent *to* port 53 on the server (where it listens), andthe replies are sent *from* port 53.

'udp port 53' as capture filter (which matches either source ordestination port or both being 53) should capture both requests andreplies, and does so for me.

I can't explain why it doesn't work for him. Perhaps he could try just'port 53', capturing both UDP & TCP? The server shouldn't use TCP(although the client *might*), but that's all I can think of.


'dns' is not valid *capture* filter syntax; it's a display filter.

--

		Regards,

			Marco.

Follow-Ups:
- RE: [Ethereal-users] how to capture only DNS packets byapplyingfilterin ethereal?
  - From: Vadiraj Kulkarni

References:
- RE: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?
  - From: Moses Hernandez

Prev by Date: RE: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?
Next by Date: [Ethereal-users] Install of 0.10.1
Previous by thread: RE: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?
Next by thread: RE: [Ethereal-users] how to capture only DNS packets byapplyingfilterin ethereal?
Index(es):
- Date
- Thread