This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How can I follow a particular TCP stream if a packet belongs to more than one stream?

0

I have write a wireshark dissector to analyse my onw protocol whitch are more than one TCP headers in a packet, how can I check the tcp seq stream of innter tcp or outter tcp.

the packet look like the follow: [mac|outter ip|outter tcp|myprotocal header|inner ip|inner tcp|appdate]

asked 18 Sep '16, 22:59

cmqy's gravatar image

cmqy
6223
accept rate: 0%

edited 19 Sep '16, 19:19

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196

One Answer:

0

Currently, you can't; the comment in the code that produces the message you reported says

/* XXX fix this later, we should show a dialog allowing the user
   to select which session he wants here
*/

but that hasn't been fixed yet. You might want to file a request for enhancement on the Wireshark Bugzilla to make it easier to track changes for this, including any fix.

answered 19 Sep '16, 19:20

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

Thank you very much!

(21 Sep '16, 00:36) cmqy