Wireshark · Wireshark-dev: Re: [Wireshark-dev] Accessing TCP headers from dissector

Wireshark-dev: Re: [Wireshark-dev] Accessing TCP headers from dissector

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Sat, 20 Aug 2011 11:11:27 -0700

On Aug 20, 2011, at 2:56 AM, Brian White wrote:

> I am writing a dissector (my first try) and I would like to get at the underlying TCP header of each packet I dissect (specifically the acknowledgement number).

In what way would your dissector use this information?  Implementations of the protocol your dissector is dissecting cannot, on most if not all OSes, see the ack number, as TCP just presents to protocol implementations running atop it a sequenced data stream, with no TCP segment boundaries or sequence or acknowledgment numbers visible.

References:
- [Wireshark-dev] Accessing TCP headers from dissector
  - From: Brian White

Prev by Date: [Wireshark-dev] Accessing TCP headers from dissector
Next by Date: [Wireshark-dev] gtk/capture_dlg.h
Previous by thread: [Wireshark-dev] Accessing TCP headers from dissector
Next by thread: [Wireshark-dev] gtk/capture_dlg.h
Index(es):
- Date
- Thread