Wireshark 3.4.8 - Cannot get DNS name resolution to work
Hi,
I have a DNS server (MaraDNS) hosted on one of my machines, on 192.168.0.103.
Wireshark is running on a Windows machine. That Windows machine has two network adapter, on different networks (192.168.0 and 192.168.1), and networking on one adapter is configured to point to 192.168.103 as DNS (the other one is left blank/default). nslookup works when I run it on this Windows machine.
I know that Wireshark is supposed to be able to do DNS name resolution, and I have set various options under Preferences => Name Resolution, but it doesn't seem to be working for me.
Actually, today, while I trying different settings, Wireshark did show the hostnames, but then when I started a new capture, the hostnames no longer were shown, and I haven't been able to get them to appear anymore.
Thanks, Jim
Did you try adding your DNS server to the custom DNS list?
In the lower right corner of the Wireshark Gui, the "Profile" name is displayed.
What is the output of
C:\>tshark -G currentprefs -C "profile name" | findstr nameres
(you may have to specify a full path to
tshark
if the Wireshark directory is not in the path)