I have a wifi router. I'm able to connect to this wifi by another linux machine, a windows machine and 3 phone and able to use web as expected. but my main production linux pc can not resolve any domain. This pc has no problem with any other wifi router.
as i found out i have problem with TCP packages, therefore i came to conclusion that I might have The TCP window scaling problem.
but after trying both fixes. i still face the same problem.
I got some log file but was unable to find any clue as what the problem is.
I'm not sure this is a problem of firewall of router.
## current tcp rmem
[suren@HaghDazhDefoov ~]$ cat /proc/sys/net/ipv4/tcp_rmem
4096 131072 6291456
## boken tcp window fix
[suren@HaghDazhDefoov ~]$ cat /etc/sysctl.d/99-disable_window_scaling.conf
net.ipv4.tcp_window_scaling = 0
## output of "ip a" when only connected to wifi
[suren@HaghDazhDefoov ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 30:f9:ed:aa:b5:fb brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 3c:77:e6:df:33:cd brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
valid_lft 3485sec preferred_lft 3485sec
inet6 fe80::f87d:6187:111:2016/64 scope link noprefixroute
valid_lft forever preferred_lft forever
## pinging 8.8.8.8
[suren@HaghDazhDefoov ~]$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=113 time=35.0 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=113 time=34.6 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=113 time=34.0 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 33.984/34.517/34.983/0.410 ms
## pinging google.com
[suren@HaghDazhDefoov ~]$ ping google.com
ping: google.com: Temporary failure in name resolution
## pinging dns.google
[suren@HaghDazhDefoov ~]$ ping dns.google
ping: dns.google: Temporary failure in name resolution
## browser when searchin "https://duckduckgo.com/?t=ffab&q=hello"
Hmm. We’re having trouble finding that site.
We can’t connect to the server at duckduckgo.com.
If that address is correct, here are three other things you can try:
Try again later.
Check your network connection.
If you are connected but behind a firewall, check that Firefox has permission to access the Web.
## tshark when searching "https://duckduckgo.com/?t=ffab&q=hello"
[suren@HaghDazhDefoov ~]$ tshark -f "udp"
Capturing on 'wlan0'
** (tshark:9522) 16:02:30.488462 [Main MESSAGE] -- Capture started.
** (tshark:9522) 16:02:30.488539 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0LPWCR1.pcapng"
1 0.000000000 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
2 63.023463698 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
3 98.273921536 192.168.1.1 → 192.168.1.255 BROWSER 255 Local Master Announcement ADSL ROUTER, Workstation, Server, Print Queue Server, Xenix Server, NT Workstation, NT Server, Master Browser, DFS server
4 98.276511349 192.168.1.1 → 192.168.1.255 BROWSER 254 Domain/Workgroup Announcement WORKGROUP, NT Workstation, Domain Enum
5 127.118756191 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
6 176.148691566 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x624bc7 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
7 176.150414566 fe80::2aa:bbff:fe01:2340 → fe80::f87d:6187:111:2016 DHCPv6 128 Advertise XID: 0x624bc7 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
8 191.669499823 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
^C8 packets captured
[suren@HaghDazhDefoov ~]$ tshark -f "tcp"
Capturing on 'wlan0'
** (tshark:9549) 16:02:32.408527 [Main MESSAGE] -- Capture started.
** (tshark:9549) 16:02:32.408598 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0G6WDR1.pcapng"
^C0 packets captured
## tshark when browser is looking 8.8.8.8 (dns.google)
[suren@HaghDazhDefoov ~]$ tshark -f "udp"
Capturing on 'wlan0'
** (tshark:13047) 16:10:43.038453 [Main MESSAGE] -- Capture started.
** (tshark:13047) 16:10:43.038521 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0XCNAR1.pcapng"
1 0.000000000 192.168.1.103 → 8.8.8.8 QUIC 1399 Initial, DCID=5273f12fbfd241d7, SCID=fe6b7a, PKN: 0, CRYPTO
2 0.036500531 8.8.8.8 → 192.168.1.103 QUIC 1399 Initial, DCID=fe6b7a, SCID=5273f12fbfd241d7, PKN: 1, ACK, CRYPTO, PADDING
3 0.037840846 192.168.1.103 → 8.8.8.8 QUIC 1399 Initial, DCID=5273f12fbfd241d7, SCID=fe6b7a, PKN: 1, ACK
4 0.068252867 8.8.8.8 → 192.168.1.103 QUIC 1399 Handshake, DCID=fe6b7a, SCID=5273f12fbfd241d7
5 0.068507042 8.8.8.8 → 192.168.1.103 QUIC 1399 Handshake, DCID=fe6b7a, SCID=5273f12fbfd241d7
6 0.068586253 192.168.1.103 → 8.8.8.8 QUIC 84 Handshake, DCID=5273f12fbfd241d7, SCID=fe6b7a
7 0.068723523 192.168.1.103 → 8.8.8.8 QUIC 84 Handshake, DCID=5273f12fbfd241d7, SCID=fe6b7a
8 0.074418309 8.8.8.8 → 192.168.1.103 QUIC 1399 Handshake, DCID=fe6b7a, SCID=5273f12fbfd241d7
9 0.074712523 192.168.1.103 → 8.8.8.8 QUIC 84 Handshake, DCID=5273f12fbfd241d7, SCID=fe6b7a
10 0.074772931 8.8.8.8 → 192.168.1.103 QUIC 1037 Protected Payload (KP0), DCID=fe6b7a
11 0.077713359 192.168.1.103 → 8.8.8.8 QUIC 85 Handshake, DCID=5273f12fbfd241d7, SCID=fe6b7a
12 0.083844761 192.168.1.103 → 8.8.8.8 QUIC 150 Protected Payload (KP0), DCID=5273f12fbfd241d7
13 0.083932875 192.168.1.103 → 8.8.8.8 QUIC 111 Protected Payload (KP0), DCID=5273f12fbfd241d7
14 0.084458204 192.168.1.103 → 8.8.8.8 QUIC 342 Protected Payload (KP0), DCID=5273f12fbfd241d7
15 0.118301561 8.8.8.8 → 192.168.1.103 QUIC 138 Protected Payload (KP0), DCID=fe6b7a
16 0.119208202 8.8.8.8 → 192.168.1.103 QUIC 72 Protected Payload (KP0), DCID=fe6b7a
17 0.119488157 192.168.1.103 → 8.8.8.8 QUIC 73 Protected Payload (KP0), DCID=5273f12fbfd241d7
18 0.120487453 8.8.8.8 → 192.168.1.103 QUIC 541 Protected Payload (KP0), DCID=fe6b7a
19 0.120690605 8.8.8.8 → 192.168.1.103 QUIC 70 Protected Payload (KP0), DCID=fe6b7a
20 0.121794077 192.168.1.103 → 8.8.8.8 QUIC 78 Protected Payload (KP0), DCID=5273f12fbfd241d7
21 0.181487059 8.8.8.8 → 192.168.1.103 QUIC 70 Protected Payload (KP0), DCID=fe6b7a
^C21 packets captured
[suren@HaghDazhDefoov ~]$ tshark -f "tcp"
Capturing on 'wlan0'
** (tshark:13087) 16:10:44.961791 [Main MESSAGE] -- Capture started.
** (tshark:13087) 16:10:44.961856 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0IXDOR1.pcapng"
^C0 packets captured
## browser when looking 1.1.1.1
* fully loads the web page
## tshark when browser is looking 1.1.1.1
[suren@HaghDazhDefoov ~]$ tshark -f "udp"
Capturing on 'wlan0'
** (tshark:14152) 16:13:20.801786 [Main MESSAGE] -- Capture started.
** (tshark:14152) 16:13:20.801849 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0Z6XRR1.pcapng"
1 0.000000000 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
^C1 packet captured
[suren@HaghDazhDefoov ~]$ tshark -f "tcp"
Capturing on 'wlan0'
** (tshark:14202) 16:13:22.201733 [Main MESSAGE] -- Capture started.
** (tshark:14202) 16:13:22.201795 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0CN36Q1.pcapng"
1 0.000000000 192.168.1.103 → 1.1.1.1 TCP 70 48178 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=3750311079 TSecr=0
2 0.007435782 1.1.1.1 → 192.168.1.103 TCP 62 443 → 48178 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1452 SACK_PERM=1
3 0.007499826 192.168.1.103 → 1.1.1.1 TCP 54 48178 → 443 [ACK] Seq=1 Ack=1 Win=64240 Len=0
4 0.011248531 192.168.1.103 → 1.1.1.1 TLSv1 571 Client Hello
5 0.018716763 1.1.1.1 → 192.168.1.103 TCP 54 443 → 48178 [ACK] Seq=1 Ack=518 Win=65535 Len=0
6 0.325202631 1.1.1.1 → 192.168.1.103 TLSv1.3 1506 Server Hello, Change Cipher Spec
7 0.325264175 192.168.1.103 → 1.1.1.1 TCP 54 48178 → 443 [ACK] Seq=518 Ack=1453 Win=63888 Len=0
8 0.325587393 1.1.1.1 → 192.168.1.103 TCP 1506 443 → 48178 [ACK] Seq=1453 Ack=518 Win=65535 Len=1452 [TCP segment of a reassembled PDU]
9 0.325614363 192.168.1.103 → 1.1.1.1 TCP 54 48178 → 443 [ACK] Seq=518 Ack=2905 Win=62436 Len=0
10 0.325800475 1.1.1.1 → 192.168.1.103 TLSv1.3 359 Application Data
11 0.325823974 192.168.1.103 → 1.1.1.1 TCP 54 48178 → 443 [ACK] Seq=518 Ack=3210 Win=63888 Len=0
12 0.350480518 192.168.1.103 → 1.1.1.1 TLSv1.3 118 Change Cipher Spec, Application Data
13 0.351007392 192.168.1.103 → 1.1.1.1 TLSv1.3 224 Application Data
14 0.351051206 192.168.1.103 → 1.1.1.1 TLSv1.3 392 Application Data
15 0.357193242 1.1.1.1 → 192.168.1.103 TCP 54 443 → 48178 [ACK] Seq=3210 Ack=582 Win=65535 Len=0
16 0.357464619 1.1.1.1 → 192.168.1.103 TLSv1.3 116 Application Data
17 0.357634575 192.168.1.103 → 1.1.1.1 TLSv1.3 85 Application Data
18 0.357673144 1.1.1.1 → 192.168.1.103 TCP 54 443 → 48178 [ACK] Seq=3272 Ack=752 Win=65535 Len=0
19 0.357701249 1.1.1.1 → 192.168.1.103 TLSv1.3 85 Application Data
20 0.358616924 1.1.1.1 → 192.168.1.103 TCP 54 443 → 48178 [ACK] Seq=3303 Ack=1090 Win=65535 Len=0
21 0.364170474 1.1.1.1 → 192.168.1.103 TCP 54 443 → 48178 [ACK] Seq=3303 Ack=1121 Win=65535 Len=0
22 0.372327767 1.1.1.1 → 192.168.1.103 TLSv1.3 899 Application Data
23 0.372424096 192.168.1.103 → 1.1.1.1 TCP 54 48178 → 443 [ACK] Seq=1121 Ack=4148 Win=63888 Len=0
^C23 packets captured
## tshark when commanding "curl 8.8.8.8"
[suren@HaghDazhDefoov ~]$ tshark -f "udp"
Capturing on 'wlan0'
** (tshark:16006) 16:17:15.951751 [Main MESSAGE] -- Capture started.
** (tshark:16006) 16:17:15.951816 [Main MESSAGE] -- File: "/tmp/wireshark_wlan01OKOR1.pcapng"
1 0.000000000 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
2 15.856196023 192.168.1.103 → 192.168.1.1 DHCP 334 DHCP Request - Transaction ID 0xe7409d77
3 15.897783533 192.168.1.1 → 192.168.1.103 DHCP 590 DHCP ACK - Transaction ID 0xe7409d77
4 63.008400093 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xc2dc2689
^C4 packets captured
[suren@HaghDazhDefoov ~]$ tshark -f "tcp"
Capturing on 'wlan0'
** (tshark:15966) 16:17:12.791782 [Main MESSAGE] -- Capture started.
** (tshark:15966) 16:17:12.791872 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0X25RR1.pcapng"
1 0.000000000 192.168.1.103 → 8.8.8.8 TCP 70 52250 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=2559975760 TSecr=0
2 1.019646839 192.168.1.103 → 8.8.8.8 TCP 70 [TCP Retransmission] [TCP Port numbers reused] 52250 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=2559976780 TSecr=0
3 3.206316934 192.168.1.103 → 8.8.8.8 TCP 70 [TCP Retransmission] [TCP Port numbers reused] 52250 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=2559978967 TSecr=0
4 7.259669322 192.168.1.103 → 8.8.8.8 TCP 70 [TCP Retransmission] [TCP Port numbers reused] 52250 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=2559983020 TSecr=0
^C4 packets captured
## tshark when connecting to wlan
[suren@HaghDazhDefoov ~]$ tshark -f "udp"
Capturing on 'wlan0'
** (tshark:17224) 16:20:07.761710 [Main MESSAGE] -- Capture started.
** (tshark:17224) 16:20:07.761784 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0FOLHR1.pcapng"
1 0.000000000 0.0.0.0 → 255.255.255.255 DHCP 340 DHCP Request - Transaction ID 0x6425c2a1
2 0.076686291 192.168.1.1 → 192.168.1.103 DHCP 590 DHCP ACK - Transaction ID 0x6425c2a1
3 0.255986179 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1f40c8
4 0.672313249 192.168.1.103 → 192.168.1.1 DNS 78 Standard query 0x9647 A ping.archlinux.org
5 0.672336875 192.168.1.103 → 192.168.1.1 DNS 78 Standard query 0x207c A ping.archlinux.org
6 0.672339158 192.168.1.103 → 192.168.1.1 DNS 78 Standard query 0xd83d AAAA ping.archlinux.org
7 0.672341387 192.168.1.103 → 192.168.1.1 DNS 78 Standard query 0x9370 AAAA ping.archlinux.org
8 0.679557901 192.168.1.1 → 192.168.1.103 DNS 117 Standard query response 0x9647 A ping.archlinux.org CNAME redirect.archlinux.org A 95.216.195.133
9 0.680696942 192.168.1.1 → 192.168.1.103 DNS 117 Standard query response 0x207c A ping.archlinux.org CNAME redirect.archlinux.org A 95.216.195.133
10 0.681340367 192.168.1.1 → 192.168.1.103 DNS 129 Standard query response 0xd83d AAAA ping.archlinux.org CNAME redirect.archlinux.org AAAA 2a01:4f9:c010:2636::1
11 0.681518338 192.168.1.1 → 192.168.1.103 DNS 129 Standard query response 0x9370 AAAA ping.archlinux.org CNAME redirect.archlinux.org AAAA 2a01:4f9:c010:2636::1
12 2.786016424 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
13 3.603504809 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1f40c8
14 3.810375603 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
15 5.892627018 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
16 10.364967158 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
17 11.038399935 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1f40c8
18 19.408780846 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
19 19.469618678 fe80::2aa:bbff:fe01:2340 → fe80::f87d:6187:111:2016 DHCPv6 128 Advertise XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
20 26.771847438 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1f40c8
21 39.050102453 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
22 39.051974964 fe80::2aa:bbff:fe01:2340 → fe80::f87d:6187:111:2016 DHCPv6 128 Advertise XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
23 59.585082866 0.0.0.0 → 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1f40c8
24 80.178828953 fe80::f87d:6187:111:2016 → ff02::1:2 DHCPv6 128 Solicit XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
25 80.180876803 fe80::2aa:bbff:fe01:2340 → fe80::f87d:6187:111:2016 DHCPv6 128 Advertise XID: 0x763f58 CID: 0004534ed4d045b111e3ad1d30f9edaab5fb
^C25 packets captured
[suren@HaghDazhDefoov ~]$ tshark -f "tcp"
Capturing on 'wlan0'
** (tshark:17166) 16:20:02.345127 [Main MESSAGE] -- Capture started.
** (tshark:17166) 16:20:02.345201 [Main MESSAGE] -- File: "/tmp/wireshark_wlan0VTTFR1.pcapng"
1 0.000000000 192.168.1.103 → 95.216.195.133 TCP 70 43928 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=3555629703 TSecr=0
2 0.082192160 95.216.195.133 → 192.168.1.103 TCP 70 80 → 43928 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1452 SACK_PERM=1 TSval=2359101468 TSecr=3555629703
3 0.082245387 192.168.1.103 → 95.216.195.133 TCP 66 43928 → 80 [ACK] Seq=1 Ack=1 Win=64240 Len=0 TSval=3555629785 TSecr=2359101468
4 0.082352151 192.168.1.103 → 95.216.195.133 HTTP 154 GET /nm-check.txt HTTP/1.1
5 0.164939225 95.216.195.133 → 192.168.1.103 TCP 66 80 → 43928 [ACK] Seq=1 Ack=89 Win=65072 Len=0 TSval=2359101551 TSecr=3555629785
6 0.164965694 95.216.195.133 → 192.168.1.103 HTTP 270 HTTP/1.1 200 OK (text/plain)
7 0.165014762 192.168.1.103 → 95.216.195.133 TCP 66 43928 → 80 [ACK] Seq=89 Ack=205 Win=64036 Len=0 TSval=3555629868 TSecr=2359101551
8 0.165173047 95.216.195.133 → 192.168.1.103 TCP 66 80 → 43928 [FIN, ACK] Seq=205 Ack=89 Win=65072 Len=0 TSval=2359101551 TSecr=3555629785
9 0.165186425 192.168.1.103 → 95.216.195.133 TCP 66 43928 → 80 [FIN, ACK] Seq=89 Ack=205 Win=64036 Len=0 TSval=3555629868 TSecr=2359101551
10 0.165202467 192.168.1.103 → 95.216.195.133 TCP 66 43928 → 80 [ACK] Seq=90 Ack=206 Win=64035 Len=0 TSval=3555629868 TSecr=2359101551
11 0.248382694 95.216.195.133 → 192.168.1.103 TCP 66 80 → 43928 [ACK] Seq=206 Ack=90 Win=65071 Len=0 TSval=2359101635 TSecr=3555629868
^C11 packets captured
## expected tshark behaivior when pinging "dns.google"
[suren@HaghDazhDefoov ~]$ tshark -f "udp"
Capturing on 'usb0'
** (tshark:22474) 16:29:09.011670 [Main MESSAGE] -- Capture started.
** (tshark:22474) 16:29:09.011777 [Main MESSAGE] -- File: "/tmp/wireshark_usb0KL0AR1.pcapng"
1 0.000000000 192.168.42.240 → 192.168.42.129 DNS 70 Standard query 0x08f4 A dns.google
2 0.000019202 192.168.42.240 → 192.168.42.129 DNS 70 Standard query 0xa7f1 AAAA dns.google
3 0.002899707 192.168.42.129 → 192.168.42.240 DNS 102 Standard query response 0x08f4 A dns.google A 8.8.8.8 A 8.8.4.4
4 0.003056476 192.168.42.129 → 192.168.42.240 DNS 126 Standard query response 0xa7f1 AAAA dns.google AAAA 2001:4860:4860::8844 AAAA 2001:4860:4860::8888
5 0.056110777 192.168.42.240 → 192.168.42.129 DNS 80 Standard query 0xf865 PTR 8.8.8.8.in-addr.arpa
6 0.068899587 192.168.42.129 → 192.168.42.240 DNS 104 Standard query response 0xf865 PTR 8.8.8.8.in-addr.arpa PTR dns.google
7 1.043821229 192.168.42.240 → 192.168.42.129 DNS 80 Standard query 0x3a8f PTR 8.8.8.8.in-addr.arpa
8 1.047054713 192.168.42.129 → 192.168.42.240 DNS 104 Standard query response 0x3a8f PTR 8.8.8.8.in-addr.arpa PTR dns.google
9 2.044985020 192.168.42.240 → 192.168.42.129 DNS 80 Standard query 0xbcf5 PTR 8.8.8.8.in-addr.arpa
10 2.047600361 192.168.42.129 → 192.168.42.240 DNS 104 Standard query response 0xbcf5 PTR 8.8.8.8.in-addr.arpa PTR dns.google
11 3.061820876 192.168.42.240 → 192.168.42.129 DNS 80 Standard query 0xb161 PTR 8.8.8.8.in-addr.arpa
12 3.063503042 192.168.42.129 → 192.168.42.240 DNS 104 Standard query response 0xb161 PTR 8.8.8.8.in-addr.arpa PTR dns.google
13 4.059973868 192.168.42.240 → 192.168.42.129 DNS 80 Standard query 0x1058 PTR 8.8.8.8.in-addr.arpa
14 4.061416618 192.168.42.129 → 192.168.42.240 DNS 104 Standard query response 0x1058 PTR 8.8.8.8.in-addr.arpa PTR dns.google
15 5.049755499 192.168.42.240 → 192.168.42.129 DNS 80 Standard query 0xe73e PTR 8.8.8.8.in-addr.arpa
16 5.053474380 192.168.42.129 → 192.168.42.240 DNS 104 Standard query response 0xe73e PTR 8.8.8.8.in-addr.arpa PTR dns.google
17 6.609881212 192.168.42.240 → 192.168.42.129 DNS 78 Standard query 0x695c A ping.archlinux.org
18 6.609900883 192.168.42.240 → 192.168.42.129 DNS 78 Standard query 0xba41 AAAA ping.archlinux.org
19 6.613208835 192.168.42.129 → 192.168.42.240 DNS 130 Standard query response 0x695c A ping.archlinux.org CNAME redirect.archlinux.org A 95.216.195.133
20 6.613356975 192.168.42.129 → 192.168.42.240 DNS 142 Standard query response 0xba41 AAAA ping.archlinux.org CNAME redirect.archlinux.org AAAA
2a01:4f9:c010:2636::1
^C20 packets captured
[suren@HaghDazhDefoov ~]$ tshark -f "tcp"
Capturing on 'usb0'
** (tshark:22515) 16:29:10.585018 [Main MESSAGE] -- Capture started.
** (tshark:22515) 16:29:10.585083 [Main MESSAGE] -- File: "/tmp/wireshark_usb0CJWLR1.pcapng"
1 0.000000000 201.159.221.67 → 192.168.42.240 TLSv1.2 112 Application Data
2 0.000053102 192.168.42.240 → 201.159.221.67 TCP 66 39360 → 443 [ACK] Seq=1 Ack=47 Win=63360 Len=0 TSval=2043509051 TSecr=257057568
3 0.000138681 201.159.221.67 → 192.168.42.240 TLSv1.2 97 Encrypted Alert
4 0.000182095 192.168.42.240 → 201.159.221.67 TLSv1.2 112 Application Data
5 0.000263091 192.168.42.240 → 201.159.221.67 TLSv1.2 97 Encrypted Alert
6 0.000276770 192.168.42.240 → 201.159.221.67 TCP 66 39360 → 443 [FIN, ACK] Seq=78 Ack=79 Win=63360 Len=0 TSval=2043509052 TSecr=257057568
7 0.004161623 192.124.249.23 → 192.168.42.240 TCP 66 80 → 49864 [FIN, ACK] Seq=1 Ack=1 Win=43017 Len=0 TSval=1608805673 TSecr=279621182
8 0.004321403 192.168.42.240 → 192.124.249.23 TCP 66 49864 → 80 [FIN, ACK] Seq=1 Ack=2 Win=63360 Len=0 TSval=279686140 TSecr=1608805673
9 0.058784358 192.124.249.23 → 192.168.42.240 TCP 66 80 → 49864 [ACK] Seq=2 Ack=2 Win=43016 Len=0 TSval=1608805727 TSecr=279686140
10 0.236713107 201.159.221.67 → 192.168.42.240 TCP 66 443 → 39360 [ACK] Seq=79 Ack=79 Win=32850 Len=0 TSval=257057805 TSecr=2043509051
11 1.357898953 192.168.42.239 → 34.107.221.82 TCP 66 39076 → 80 [ACK] Seq=1 Ack=1 Win=64024 Len=0 TSval=96171948 TSecr=2600489757
12 1.396923272 34.107.221.82 → 192.168.42.239 TCP 66 [TCP ACKed unseen segment] 80 → 39076 [ACK] Seq=1 Ack=2 Win=65535 Len=0 TSval=2600499996 TSecr=96079871
13 3.491232942 192.168.42.240 → 93.184.220.29 TCP 66 60444 → 80 [ACK] Seq=1 Ack=1 Win=63920 Len=0 TSval=3284010665 TSecr=444520381
14 3.536245417 93.184.220.29 → 192.168.42.240 TCP 66 [TCP ACKed unseen segment] 80 → 60444 [ACK] Seq=1 Ack=2 Win=65535 Len=0 TSval=444530623 TSecr=3283968944
15 11.597946360 192.168.42.239 → 34.107.221.82 TCP 66 [TCP Dup ACK 11#1] 39076 → 80 [ACK] Seq=1 Ack=1 Win=64024 Len=0 TSval=96182188 TSecr=2600499996
16 11.636884238 34.107.221.82 → 192.168.42.239 TCP 66 [TCP Dup ACK 12#1] [TCP ACKed unseen segment] 80 → 39076 [ACK]
Seq=1 Ack=2 Win=65535 Len=0 TSval=2600510236 TSecr=96079871
^C16 packets captured
Topic: WIFI (can't resolve most domain) (Read 411 times)
previous topic - next topic
