How can I find http or https requests without a corresponding dns request?
I can find the packets for the requests, ssl.handshake.extensions_server_name or http.host or dns. But how do I find ones where the dns isn't there (cache)?
Is this going to have to be a lua script?
Is it possible to run tshark with filters and produce output in the pcap file that will allow me to map a dns query to a response?