First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Why is the packet line with 49313 → 8027 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 red?

  • retag add tags

New to Wireshark. Watching packets fly around, noticed a Red line, trying to figure out why its red and what it means.

49313 → 8027 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

Any code help/definition pages out there? Thanks

samwifgac's avatar
3
samwifgac
asked 2020-02-14 21:21:41 +0000
grahamb's avatar
23.8k
grahamb
updated 2020-02-15 12:42:43 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

https://www.wireshark.org/docs/wsug_h...
TCP RST can be a normal ending for a TCP/IP conversation.
I'm firmly (my $.02) in the "disable colors" camp if you are new to Wireshark.
Take some time to follow through the packets without the colors distracting you.

Chuckc's avatar
3k
Chuckc
answered 2020-02-14 21:37:53 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Also note that you can see the condition causing the color to be the way it is by expanding the frame item in the packet details pane and looking at the [Coloring Rule Name: xxx] and [Coloring Rule String: yyyy] items.

grahamb's avatar grahamb (2020-02-15 12:45:00 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer