Wireshark · Wireshark-users: [Wireshark-users] TCP packets greater than 1516 bytes

Wireshark-users: [Wireshark-users] TCP packets greater than 1516 bytes

From: Deborah Charan <dcharan@xxxxxxxxxx>

Date: Sat, 22 Aug 2009 12:50:13 -0500

I am looking at TCP traffic between two machines. I would like to seethe actual packets, I don't want to see the whole stream, but insteadwould like to know the actual number of packets. Since this is overethernet, the max size per packet should be ~1514 bytes.My TCP packets have 10K or 8K ... I upgraded to Wireshark 1.2.1, I haveunchecked the TCP preference for "Allow subdisectors to reassemble TCPstreams", I have tried disabling TCP and IP dissection altogether, andstill the packets are thousands of bytes. Of course the ACKs are small,and every packet is not huge, but I just want to see the packets.

I'm running on Ubuntu if that is important.

Any info would be appreciated.

Thanks,
Debbie Charan

Follow-Ups:
- Re: [Wireshark-users] TCP packets greater than 1516 bytes
  - From: Bill Meier

Prev by Date: Re: [Wireshark-users] Analyzing a "broken" FTP session
Next by Date: Re: [Wireshark-users] TCP packets greater than 1516 bytes
Previous by thread: [Wireshark-users] MATE "Character Chop Off"
Next by thread: Re: [Wireshark-users] TCP packets greater than 1516 bytes
Index(es):
- Date
- Thread