Forum Discussion
nitass
Jun 28, 2014Employee
just for reference.
if we write down $payload contains "www.google.com"]} it is not working, neither for google, nor for google.com we tried to check the payload itself (logging it) and it shows something like blablablawwwgooglecomblablabla, without the dot between google and com any idea?
QNAME is the name the query is about. The format is one octet indicating the length of a label, followed by the label, terminated by a label with 0 length.
how can i decipher dns messages?
http://stackoverflow.com/questions/13372860/how-can-i-decipher-dns-messages