Dissecting ACKs
I’m writing a dissector in C to dissect TCP traffic as my custom protocol. I’m using a heuristic dissector on TCP traffic.
The packets containing the data I need (in the payload) seem to have the PSH and ACK flags and thus the packets do not pass through the dissector.
Am I missing something? Is there a setting or a type of protocol registration I am missing to be able to dissect ACKs as well as normal TCP traffic?
The ACK flag being set doesn't prevent a TCP segment from being handed to dissectors, and neither does the PSH flag. If your dissector isn't seeing those packets, that might be a bug in the TCP dissector or in your registration of the heuristic dissector.