Wireshark-dev: [Wireshark-dev] Getting destination IP
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: "sara vanan" <saravananbeitjj@xxxxxxxxx>
Date: Tue, 20 Mar 2007 20:34:09 +0900

Hi,

I am doing a DNS proxy for IPV6. For this I have to get the destination IP(DNS Sever IP stored  in the client PC.
I am trying to use Wireshark source code for getting the desdtination IP.

for example

client IP -> 192.168.16.67        DNS ( destination IP)  -> 192.168.16.106

By using the Wireshark GUI  I use DNS filter  and it displays

source IP                   destination IP
192.168.16.67            192.168.16.106                  Request

then
192.168.16.106           192.168.16.67                    Response


And in LINUX  when I am executing  with the  command

/home/saravanan/ethereal- 0.99.0/tethereal -c 10 port 53


[root@hestia ethereal-0.99.0 ]# /home/saravanan/ethereal-0.99.0/tethereal -c 5 port 53
Capturing on eth0
  0.000000 192.168.16.67 -> 192.168.16.106 DNS Standard query A www.samedi.org
  0.004528 192.168.16.106 -> 206.51.233.130 DNS Standard query A www.samedi.org
  0.177348 206.51.233.130 -> 192.168.16.106 DNS Standard query response A 206.51.233.130
  0.178324 192.168.16.106 -> 192.168.16.67 DNS Standard query response A 206.51.233.130
  6.968992 192.168.16.67 -> 192.168.16.106 DNS Standard query A statse.webtrendslive.com
  6.970539 192.168.16.106 -> 220.73.220.4 DNS Standard query A statse.webtrends.akadns.net
  7.028039 220.73.220.4 -> 192.168.16.106 DNS Standard query response A 63.236.111.50


it displays ( www.google.co.in) URL link IP. 

Instead of this I want to filter only the source IP and destination IP.   For this what kind of filters should I use.

Kindly help me regarding this.


Thanks
Saravanan