This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

tcp options

0

I was wondering if there is some way to do this. 1. to decode the options part of tcp protocol or say dissect the options part of the tcp header. 2. once i decode the options part, get wireshark to do the rest of decoding as usual.

asked 23 Mar '11, 03:15

niks3089's gravatar image

niks3089
21151518
accept rate: 0%

1

I'm confused about the question - doesn't Wireshark do this by default? What are you looking for that you aren't seeing?

(23 Mar '11, 12:54) GeonJay

There are certain options that wireshark shows as unknown. These contain some important info which my company has requested to dissect

(27 Mar '11, 06:12) niks3089

RFC says to ignore TCP options if the the receiver doesn't know what it is. So many WAN accelerators use TCP options field to mark it as an "accelerator aware" packets.

(28 Mar '11, 18:51) hansangb

One Answer:

0

See the answers to the other place where you asked the question.

answered 27 Mar '11, 14:36

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%