Wireshark Filters


dns.qry.name == "www.cordero.me"
dns.qry.name matches ".cordero.me"
dns.qry.name contains "cordero.me"

tcp.flags.reset == 1
tcp.flags.push == 1
tcp.flags.syn == 1

ip.addr == 172.16.200.1
ip.src == 172.16.200.1
ip.dst == 172.16.200.1

tcp.port eq 53
udp.port eq 53
