Wireshark mailing list archives

Re: About the ip address -host name conversion module in wireshark

From: Jeff Morriss <jeff.morriss.ws () gmail com>
Date: Wed, 23 May 2012 11:20:08 -0400

Check out gethostbyname() (or getaddrinfo()) and friends.

nangergong wrote:

Thanks! I'm wondering whether there are some public APIs for this function

On Wed, May 23, 2012 at 12:53 PM, Martin Visser<martinvisser99 () gmail com <mailto:martinvisser99 () gmail com>> wrote:


    In Wireshark,  it uses DNS or what ever you manually have written in
    the "ethers" or "hosts" file. Whois only shows assignments from the
    various Internet Registries.

    You can of course infer names (say looking at the "Host:" header in
    a HTTP request) but this isn't done.

    Unfortunately their is no magic to do this.

    Regards, Martin

    MartinVisser99 () gmail com <mailto:MartinVisser99 () gmail com>


    On 23 May 2012 20:00, nangergong <nangergong () gmail com
    <mailto:nangergong () gmail com>> wrote:

        HI, all:

             I noticed that wireshark can show the host name(or website
        url) for an ip address precisely. I need such a function which
        can convert an IP address to the host name precisely. With linux
        command "whois", the result is very coarse. Can anyone tell how
        wireshark did the conversion and can I write some scripts or a
        small program to do this? I mean the input is an IP address
        while the output is a host name or URL, Thanks!

        ___________________________________________________________________________
        Sent via:    Wireshark-dev mailing list
        <wireshark-dev () wireshark org <mailto:wireshark-dev () wireshark org>>
        Archives:    http://www.wireshark.org/lists/wireshark-dev
        Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
                    mailto:wireshark-dev-request () wireshark org
        <mailto:wireshark-dev-request () wireshark org>?subject=unsubscribe



    ___________________________________________________________________________
    Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org
    <mailto:wireshark-dev () wireshark org>>
    Archives:    http://www.wireshark.org/lists/wireshark-dev
    Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
                mailto:wireshark-dev-request () wireshark org
    <mailto:wireshark-dev-request () wireshark org>?subject=unsubscribe



------------------------------------------------------------------------

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

About the ip address -host name conversion module in wireshark nangergong (May 23)
- Re: About the ip address -host name conversion module in wireshark Martin Visser (May 23)
  - Re: About the ip address -host name conversion module in wireshark nangergong (May 23)
    - Re: About the ip address -host name conversion module in wireshark Jeff Morriss (May 23)
- Re: About the ip address -host name conversion module in wireshark Jim Wright (May 23)