On Nov 2, 2012, at 1:28 PM, Jan Willamowius <jan@xxxxxxxxxxxxxx> wrote:
> It turns out that other packets in between are responsible for the
> dissector not being called for packets that come after them. If I mark
> those to be ignored in the GUI, my dissector is called for all matching
> packets and works fine.
>
> My dissector only handles UDP packets, but strangely the stop-packets
> are all TCP packets and I have verified that my dissector never even
> gets called for them.
A dissector for one protocol can set up future (in the sense of "later in the capture") packets to or from certain endpoints to be dissected as a particular protocol. This is used, for example, for protocols such as SIP, which initiate a session and specify "use port XXX" for that session, so that future UDP traffic to or from port XXX should be dissected as RTP for that session.
What protocol(s) are in the TCP packets in question?
