Ask Your Question

Why is the packet line with 49313 → 8027 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 red?

asked 2020-02-14 21:21:41 +0000

samwifgac gravatar image

updated 2020-02-15 12:42:43 +0000

grahamb gravatar image

New to Wireshark. Watching packets fly around, noticed a Red line, trying to figure out why its red and what it means.

49313 → 8027 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

Any code help/definition pages out there? Thanks

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted

answered 2020-02-14 21:37:53 +0000

Chuckc gravatar image
TCP RST can be a normal ending for a TCP/IP conversation.
I'm firmly (my $.02) in the "disable colors" camp if you are new to Wireshark.
Take some time to follow through the packets without the colors distracting you.

edit flag offensive delete link more


Also note that you can see the condition causing the color to be the way it is by expanding the frame item in the packet details pane and looking at the [Coloring Rule Name: xxx] and [Coloring Rule String: yyyy] items.

grahamb gravatar imagegrahamb ( 2020-02-15 12:45:00 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2020-02-14 21:21:41 +0000

Seen: 71 times

Last updated: Feb 15