wireshark手册

# 显示DNS查询消息/响应消息
dns.flags.response == 0/1
# 显示DNS响应code=1
dns.flags.rcode == 1
# 包含关键字
dns.qry.name contains xxx
 
(dns.flags.response==1) && (dns.time > 0.100) && (dns.qry.type==1) && (dns.qry.name contains xxx)

Add DNS Response Time Column to Wireshark:

Wireshark Filter to Display High DNS Response Times(100ms): dns.time > 0.100

Graphing DNS Response Times:

  • homelab/网络/wireshark/记录.txt
  • 最后更改: 2019/04/16 18:31
  • (外部编辑)