My operational case is when capturing SNMP packets and if the server detects no/slow response (TO) it will retransmits the same request ID, application will ignore TO response and keep trying (max3) until a response within TO is received
Wireshark when displaying snmp.time associates all the delayed responses to the last transmitted SNMP get request associated to the request ID
packet 1 , id1 request get @ time 0 , snmp.time = - 30 seconds packet 2 , id1 request get @ time +10 seconds , snmp.time = - 20 seconds packet 3 , id1 request get @ time +20 seconds , snmp.time = ( no snmp.time as it is a get request ) packet 4 , id1 response @ time + 25 seconds , snmp.time = 5 seconds packet 5 , id1 response @ time + 30 seconds , snmp.time = 10 seconds packet 6 , id1 response @ time + 35 seconds , snmp.time = 15 seconds
I want (expect) packets 4-6 to have snmp.time (25,30,35)
Wireshark provide snmp.time to repeats get requests relative the last get request Wireshark provide snmp.time for responses (multiple) to last snmp get request
Is there a way to configure to display differently?