Wireshark development team,
Kindly reply to my query regarding the Wireshark network analyzer.
I am doing a DNS proxy for IPv6. For this I have to get the destination IP (the DNS server IP stored in the client PC).
I have an idea to use the Wireshark source code for getting the destination IP.
for example
client IP -> 192.168.16.67
DNS (destination IP) -> 192.168.16.106

By using the Wireshark GUI I use DNS filter and it displays

source IP         destination IP
192.168.16.67     192.168.16.106
then
192.168.16.106    192.168.16.67

And in LINUX when I am executing with the command
/home/saravanan/ethereal-0.99.0/tethereal -c 10 port 53

[root@hestia ethereal-0.99.0]# /home/saravanan/ethereal-0.99.0/tethereal -c 10 port 53
Capturing on eth0
  0.000000 192.168.16.67 -> 192.168.16.106 DNS Standard query A www.samedi.org
  0.004528 192.168.16.106 -> 206.51.233.130 DNS Standard query A www.samedi.org
  0.177348 206.51.233.130 -> 192.168.16.106 DNS Standard query response A 206.51.233.130
  0.178324 192.168.16.106 -> 192.168.16.67 DNS Standard query response A 206.51.233.130
  6.968992 192.168.16.67 -> 192.168.16.106 DNS Standard query A statse.webtrendslive.com
  6.970539 192.168.16.106 -> 220.73.220.4 DNS Standard query A statse.webtrends.akadns.net
  7.028039 220.73.220.4 -> 192.168.16.106 DNS Standard query response A 63.236.111.50
  7.029246 192.168.16.106 -> 192.168.16.67 DNS Standard query response CNAME statse.webtrends.akadns.net A 63.236.111.50
 94.006077 192.168.16.67 -> 192.168.16.106 DNS Standard query A mail.google.com
 94.007689 192.168.16.106 -> 72.14.235.9 DNS Standard query A googlemail.l.google.com
10 packets captured

It displays the (www.google.co.in) URL link IP. Instead of this I want to filter only DNS:

192.168.16.67     and     192.168.16.106
(client IP)               (DNS server IP)

I have attached a sample Excel file for your reference.
For this, what kind of filters should I use in my command?
Kindly reply.
Thanks
Saravanan
Attachment:
ethereal-Gtk.xls
Description: MS-Excel spreadsheet
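
Added example, not part of the original message and not Wireshark project code: a post-processing sketch that parses tethereal summary lines like those in the capture above, keeps only the packets exchanged between the client and its DNS server, and infers the server address from the client's own queries. The function names and the `SAMPLE` text (constructed from lines in the post, plus one non-packet line) are assumptions of this example.

```python
import re

# Constructed sample: summary lines copied from the capture shown in the post.
SAMPLE = """\
Capturing on eth0
  0.000000 192.168.16.67 -> 192.168.16.106 DNS Standard query A www.samedi.org
  0.004528 192.168.16.106 -> 206.51.233.130 DNS Standard query A www.samedi.org
  0.177348 206.51.233.130 -> 192.168.16.106 DNS Standard query response A 206.51.233.130
  0.178324 192.168.16.106 -> 192.168.16.67 DNS Standard query response A 206.51.233.130
 94.006077 192.168.16.67 -> 192.168.16.106 DNS Standard query A mail.google.com
"""

# "<time> <src> -> <dst> DNS <info>"; \S+ also matches IPv6 addresses.
LINE = re.compile(
    r"^\s*(?P<ts>\d+\.\d+)\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s+DNS\s+(?P<info>.*)$"
)


def parse(text):
    """Yield (timestamp, src, dst, info) per DNS summary line; skip anything else."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            yield float(m["ts"]), m["src"], m["dst"], m["info"].strip()


def is_query(info):
    """True for a query, False for a response (both start with 'Standard query')."""
    return info.startswith("Standard query") and "response" not in info.split()[:3]


def resolvers_of(text, client):
    """Servers the client sent DNS queries to, in first-seen order."""
    seen = []
    for _, src, dst, info in parse(text):
        if src == client and is_query(info) and dst not in seen:
            seen.append(dst)
    return seen


def between(text, a, b):
    """Only the packets exchanged between hosts a and b, in either direction."""
    pair = {a, b}
    return [rec for rec in parse(text) if {rec[1], rec[2]} == pair]


if __name__ == "__main__":
    client = "192.168.16.67"
    for server in resolvers_of(SAMPLE, client):
        for ts, src, dst, info in between(SAMPLE, client, server):
            print(f"{ts:10.6f} {src} -> {dst} {info}")
```

tethereal takes libpcap capture-filter syntax (the `port 53` in the command above is one), so the same restriction can be applied at capture time with `port 53 and host 192.168.16.67 and host 192.168.16.106`.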