Ethereal-users: RE: [Ethereal-users] TCP Analysis flags

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "DAIGLE, ANDREW PAUL" <ADAIG90@xxxxxxxxxxx>
Date: Tue, 20 Dec 2005 17:25:15 -0600

Go to Edit->Preferences and expand the Protocols option. Scroll down to TCP and make sure that "Analyze TCP sequence numbers" is checked. When you expand the TCP header in the detail window of your trace, you will now see an additional "SEQ/ACK analysis" sub-tree. Expand that and then expand the "TCP Analysis Flags" tree below that. This will tell you what event caused the packet to be flagged by the tcp.analysis.flags rule.

 

Andrew

 

-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx [mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Felczak Andrzej
Sent: Friday, December 16, 2005 8:35 AM
To: ethereal-users@xxxxxxxxxxxx
Subject: [Ethereal-users] TCP Analysis flags

 

In an ethereal trace I encountered a frame which was colorized according to the tcp.analysis.flags rule. I would need to know the exact conditions which lead to that ethereal marked this frame. Can I find this out in any way in ethereal and how? I searched around quite a long time but did not find anything.

 

Best regards

 

Andrzej Felczak

 

Andrzej Felczak
Software development - System designer

VA TECH SAT GmbH & Co
Ruthnergasse 1
A-1210 Wien, Austria

Phone: (+43/1) 29129 4931
Fax: (+43/1) 29 28 838 or (+43/1) 29129 4649
e-mail: fa@xxxxxxxxxxxxxxxxxx
Internet: http://www.sat-automation.com