|
I would like to enable network name resolution but only allow Wireshark to use its hosts file in %WIRESHARK%\hosts, or %APPDATA%\Wireshark\hostsdisable. It appears that when I enable network name resolution in preferences then it enables name reslution using, DNS, the windows hosts file, and the Wireshark hosts file. I often analyze very large captures from a private network while I'm attached to my corporate network, I do have a large wireshark hosts file but there are many addresses for which I do not have an entry, Wireshark resorts to DNS to attempt to resolve these names and it takes a very long time since many are not reachable and result in a timeout before proceeding. Dos anyone know if there is a way to disable DNS network name resolution while at the same time allowing network name resolution using the Wireshark hosts file? Thanks for any help!! |
|
What you want isn't possible, currently, but shouldn't be required. If you check Enable concurrent DNS name resolution in the name resolution preferences the DNS name resolving takes place without blocking further operation. According to http://c-ares.haxx.se/ares_init.html we can force the use of the local hosts file using
(15 Sep '10, 10:36)
Gerald Combs ♦♦
I added it to the wishlist.
(18 Jun '12, 21:03)
cmaynard ♦♦
I added a Bug report :-) https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7380
(19 Jun '12, 01:42)
Anders ♦
2
For the record, the bug is pretty much implemented (although the bug is still open). I also moved the WishList item to the Done section.
(10 Jul '12, 08:25)
JeffMorriss ♦
|
