dnscap binaries
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue Mar 10 13:55:13 UTC 2009
On Tue, Mar 10, 2009 at 09:08:18AM -0400,
Josh Smith <juicewvu at gmail.com> wrote
a message of 21 lines which said:
> Also is it possible to analyze an existing pcap file with dnscap?
Yes (it was apparently broken in some old versions of dnscap)
% dnscap -g -r tmp/toto.pcap
...
[52] 2009-03-10 13:52:44.034673 [#37 tmp/toto.pcap 0] \
[217.70.190.232].46244 [217.70.184.225].53 \
dns QUERY,NOERROR,53363,rd \
1 nic.fr,IN,MX 0 0 0
[56] 2009-03-10 13:52:44.036152 [#38 tmp/toto.pcap 0] \
[217.70.190.232].46244 [217.70.184.225].53 \
dns QUERY,NOERROR,64404,rd \
1 mx1.nic.fr,IN,A 0 0 0
More information about the bind-users
mailing list