Wireshark · Wireshark-dev: Re: [Wireshark-dev] Getting destination IP

Wireshark-dev: Re: [Wireshark-dev] Getting destination IP

From: Jeff Morriss <jeff.morriss@xxxxxxxxxxx>

Date: Wed, 21 Mar 2007 09:09:40 +0800

Did you see my answer to your question in your previous email? (At thetop of the email I said something about the Excel doc but I tried toanswer your question below that.)


sara vanan wrote:

Hi,
I am doing a DNS proxy for IPV6. For this I have to get the destinationIP(DNS Sever IP stored in the client PC.
I am trying to use Wireshark source code for getting the desdtination IP.

for example
client IP -> 192.168.16.67 <http://192.168.16.67/> DNS (destination IP) -> 192.168.16.106 <http://192.168.16.106/>
By using the Wireshark GUI  I use DNS filter  and it displays

source IP                   destination IP
192.168.16.67 <http://192.168.16.67/>192.168.16.106 Request <http://192.168.16.106/>
then
192.168.16.106 <http://192.168.16.106/>192.168.16.67 Response <http://192.168.16.67/>
And in LINUX  when I am executing  with the  command

/home/saravanan/ethereal- 0.99.0/tethereal -c 10 port 53
[root@hestia ethereal-0.99.0 ]#/home/saravanan/ethereal-0.99.0/tethereal -c 5 port 53
Capturing on eth0
0.000000 192.168.16.67 <http://192.168.16.67/> -> 192.168.16.106<http://192.168.16.106/> DNS Standard query A www.samedi.org<http://www.samedi.org/>0.004528 192.168.16.106 <http://192.168.16.106/> -> 206.51.233.130<http://206.51.233.130/> DNS Standard query A www.samedi.org<http://www.samedi.org/>0.177348 206.51.233.130 <http://206.51.233.130/> -> 192.168.16.106<http://192.168.16.106/> DNS Standard query response A 206.51.233.130<http://206.51.233.130/>0.178324 192.168.16.106 <http://192.168.16.106/> -> 192.168.16.67<http://192.168.16.67/> DNS Standard query response A 206.51.233.130<http://206.51.233.130/>6.968992 192.168.16.67 <http://192.168.16.67/> -> 192.168.16.106<http://192.168.16.106/> DNS Standard query A statse.webtrendslive.com<http://statse.webtrendslive.com/>6.970539 192.168.16.106 <http://192.168.16.106/> -> 220.73.220.4<http://220.73.220.4/> DNS Standard query A statse.webtrends.akadns.net<http://statse.webtrends.akadns.net/>7.028039 220.73.220.4 <http://220.73.220.4/> -> 192.168.16.106<http://192.168.16.106/> DNS Standard query response A 63.236.111.50<http://63.236.111.50/>
it displays ( www.google.co.in <http://www.google.co.in/>) URL link IP.Instead of this I want to filter only the source IP and destinationIP. For this what kind of filters should I use.
Kindly help me regarding this.


Thanks
Saravanan











------------------------------------------------------------------------

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Follow-Ups:
- Re: [Wireshark-dev] Getting destination IP
  - From: sara vanan

References:
- [Wireshark-dev] Getting destination IP
  - From: sara vanan

Prev by Date: Re: [Wireshark-dev] Prevent compiler warnings by using "stop on warnings"/"treat warnings as errors" compiler option?
Next by Date: Re: [Wireshark-dev] Prevent compiler warnings by using "stop on warnings"/"treat warnings as errors" compiler option?
Previous by thread: Re: [Wireshark-dev] Getting destination IP
Next by thread: Re: [Wireshark-dev] Getting destination IP
Index(es):
- Date
- Thread