Closed rcgraves closed 8 years ago
That is because you have specified with "-X" that you only want A, AAAA, CNAME, PTR, NXDOMAIN, SERVFAIL and REFUSED.
Please run "passivedns -h" to see alle the options for the "-X" parameter
Oops. This can stay closed.
To clarify: the server return code flags are effectively ORed with the record type flags, not ANDed. So even if you think you selected just A (noerror or nxdomain) you will also get NXDOMAIN for all other record types.
I could imagine splitting record type and return code into separate flags to admire ANDing, but that would be backwards incompatible for questionable gain, so never mind.
I am running passivedns -f SMcsCQTAtn -C 5 -P 5 -X 46CPxsr
For TXT/MX/SRV/SOA lookups, I am only seeing logs for error responses: NXDOMAIN, REFUSED.
A/AAAA/CNAME/PTR are logging just fine.