Wireshark mailing list archives
Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET
From: Jaap Keuter <jaap.keuter () xs4all nl>
Date: Wed, 29 Mar 2017 11:32:36 +0200
Hi,
According to RFC 6895 that value (8) is used as RCODE for NXRRSET, so the filter
dns.flags.rcode == 8
Should be fine. What Wireshark version are you using?
Thanks,
Jaap
On 29 Mar 2017, at 10:23, Abdul Khader <akhader () ies etisalat ae> wrote: Dear All, Any wireshark filter which would give me NXRRSET and does not include NXDOMAIN To get NXDOMAIN, we can use dns.flags.rcode == 3 But how do we get NXRRSET ? dns.flags.rcode == 8 or dns.flags.rcode == 0x8 does not work.
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Abdul Khader (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Jaap Keuter (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Abdul Khader (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Jaap Keuter (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Abdul Khader (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Abdul Khader (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Jaap Keuter (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Abdul Khader (Mar 29)
- Re: Any wireshark filter to differentiate between NXDOMAIN and NXRRSET Jaap Keuter (Mar 29)