Wireshark-users: Re: [Wireshark-users] how to get round trip time and identify FIN-ACK and ACK pa
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Martin Isaksson <martin.isaksson@xxxxxxxxxxxx>
Date: Thu, 21 Jun 2012 12:33:19 +0200
Hi,
 
try the tcp.flags.fin==1, tcp.stream, tcp.analysis.ack_rtt and tcp.analysis.acks_frame fields.
 
Regards,
Martin

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of esolve esolve
Sent: den 21 juni 2012 12:01
To: wireshark-users@xxxxxxxxxxxxx
Subject: Re: [Wireshark-users] how to get round trip time and identify FIN-ACK and ACK pairs

so nobody has any idea?
the intuitive idea is to use sequence number/ack number, but it may be a bit troublesome, any other ideas? thanks

2012/6/20 esolve esolve <esolvepolito@xxxxxxxxx>
Hi, all,

 I want to get round trip time distribution from a pcap file.  My
idea is to compute each round trip time for each pair of data packets
and ack packets. But the difficulty is to identify the pairs, namely,
for each data packet(ack packet) I need to find the corresponding ack
packet(data packet). How can I achieve this?

  Besides, for the find tcp tear-down process, how to identify each
FIN-ACK and ACK pair? thanks!