Wireshark-users: Re: [Wireshark-users] are there any ways to filter specific DNS queries
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Stefan <netfortius@xxxxxxxxx>
Date: Tue, 12 Jun 2012 09:30:05 -0500
If you just want string(s) search, wouldn't ngrep
http://en.wikipedia.org/wiki/Ngrep fit you better (it also takes bpf
filters)? You could "feed" ngrep with capture files obtained by tshark
means ...

***Stefan Mititelu
http://twitter.com/netfortius
http://www.linkedin.com/in/netfortius


On Tue, Jun 12, 2012 at 9:21 AM, nangergong <nangergong@xxxxxxxxx> wrote:
> Hi, all:
>
>     I want to filter out some specific DNS queries. These DNS queries are
> for some specific domain name or websites, for example www.example.com
>     are there any ways for this filtering? Thanks!
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe