Using pyshark, is it possible to display dns queries with no corresponding dns response from a pcap file? Similar to a wireshark filter dns.flags.response == 0 && !dns.response_in.
These are the only field names I see and didn't find resp_in.
['id', 'flags', 'flags_response', 'flags_opcode', 'flags_authoritative', 'flags_truncated', 'flags_recdesired', 'flags_recavail', 'flags_z', 'flags_authenticated', 'flags_checkdisable', 'flags_rcode', 'count_queries', 'count_answers', 'count_auth_rr', 'count_add_rr', '', 'qry_name', 'qry_name_len', 'count_labels', 'qry_type', 'qry_class', 'resp_name', 'resp_type', 'resp_class', 'resp_ttl', 'resp_len', 'cname', 'aaaa', 'unsolicited']