First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Force dissection with "Analyze TCP sequence numbers" enabled

  • retag add tags

I developed a dissector for a custom protocol and it works pretty well.

When used with a TCP stream, it doesn't seem to dissect any packet that isn't valid in the stream.

  • Continuation to #XXX
  • TCP Spurious Retransmission
  • TCP Retransmission

I can see the length and the payload are correct and for debugging, I'd like to also dissect all these packets individually as if they don't need to be reassembled to be parsed.

How can I do that?

I already disabled allow dissector to reassemble and reassemble out-of-order segments.

It seems to do it when I disable Analyze TCP sequence numbers but I loose the information of the retransmissions.

Thank you!

alexis's avatar
3
alexis
asked 2024-06-28 05:44:06 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

There is a TCP preference called "do not call sub dissector for error packets" or similar. Change its value, as it controls whether retransmissions are sent to the next dissector.

johnthacker's avatar
156
johnthacker
answered 2024-07-03 21:45:14 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer