2020-01-06 20:46:15 +0000 | received badge | ● Famous Question (source) |
2019-08-07 02:03:12 +0000 | received badge | ● Notable Question (source) |
2019-08-07 02:03:12 +0000 | received badge | ● Popular Question (source) |
2019-05-17 14:39:38 +0000 | received badge | ● Famous Question (source) |
2019-01-31 16:03:21 +0000 | received badge | ● Popular Question (source) |
2019-01-31 16:03:21 +0000 | received badge | ● Notable Question (source) |
2018-06-25 09:41:45 +0000 | marked best answer | Why this is not a "TCP previous segment not captured" Hi, I am implementing "TCP segment not captured" analysis flag (aka Wireshark display filter "tcp.analysis.lost_segment") in my application. With this PCAP file I get a false positive with frame #15328. In Wireshark there is no analysis flag set for this frame. But I would expect a "TCP previous segment not captured" with this. Can somebody explain why frame #15328 shall have no "TCP previous segment not captured"? The previous frame in the same direction (#15327) got the analysis flag "TCP Retransmission" and therefore it is not considered to set the "Next expected sequence number", which is then relevant for frame #15328.
Any idea? Thank you! |
2018-06-25 09:41:45 +0000 | received badge | ● Scholar (source) |
2018-06-25 09:41:37 +0000 | commented answer | Why this is not a "TCP previous segment not captured" I have just found the bug in my implementation. I was not considering #15327 for "Next expected sequence number" because |
2018-06-20 06:33:16 +0000 | commented answer | Why this is not a "TCP previous segment not captured" This sounds reasonable. And yes, with ignoring #15327 I get what I expected. But I would like to understand the "defaul |
2018-06-19 13:53:28 +0000 | asked a question | Why this is not a "TCP previous segment not captured" Why this is not a "TCP previous segment not captured" Hi, I am implementing "TCP segment not captured" analysis flag (a |
2018-05-14 07:08:09 +0000 | commented answer | Wireshark not showing all "TCP window full"? Thank you for the confirmation. I have opened this bug report |
2018-05-04 14:36:34 +0000 | commented answer | Wireshark not showing all "TCP window full"? Great! This sounds very reasonable. I was not aware of WindowSize is not negotiated but WindowScale is. Maybe the prob |
2018-05-04 13:48:50 +0000 | edited question | Wireshark not showing all "TCP window full"? Wireshark not showing all "TCP window full"? Hi, With this PCAP file, Wireshark (v2.6.0) shows 4 "TCP Window Full" even |
2018-05-04 13:09:55 +0000 | commented answer | Wireshark not showing all "TCP window full"? Thank you for your answer. With packet 79 the remaining window bytes are 0. With packet 80 the window size is increased |
2018-05-04 12:12:54 +0000 | commented question | Wireshark not showing all "TCP window full"? Great, didn't know cloudshark.org... Here is the file |
2018-05-04 11:21:05 +0000 | received badge | ● Organizer (source) |
2018-05-04 10:44:23 +0000 | received badge | ● Editor (source) |
2018-05-04 10:44:23 +0000 | edited question | Wireshark not showing all "TCP window full"? TCP window full Hi, With this PCAP file, Wireshark (v2.6.0) shows 4 "TCP Window Full" events using the display filter " |
2018-05-04 10:43:48 +0000 | asked a question | Wireshark not showing all "TCP window full"? TCP window full Hi, With this PCAP file, Wireshark (v2.6.0) shows 4 "TCP Window Full" events using the display filter " |