Ask Your Question
0

Force dissection with "Analyze TCP sequence numbers" enabled

asked 2024-06-28 05:44:06 +0000

alexis gravatar image

I developed a dissector for a custom protocol and it works pretty well.

When used with a TCP stream, it doesn't seem to dissect any packet that isn't valid in the stream.

  • Continuation to #XXX
  • TCP Spurious Retransmission
  • TCP Retransmission

I can see the length and the payload are correct and for debugging, I'd like to also dissect all these packets individually as if they don't need to be reassembled to be parsed.

How can I do that?

I already disabled allow dissector to reassemble and reassemble out-of-order segments.

It seems to do it when I disable Analyze TCP sequence numbers but I loose the information of the retransmissions.

Thank you!

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2024-07-03 21:45:14 +0000

johnthacker gravatar image

There is a TCP preference called "do not call sub dissector for error packets" or similar. Change its value, as it controls whether retransmissions are sent to the next dissector.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2024-06-28 05:44:06 +0000

Seen: 81 times

Last updated: Jul 03