Wireshark
Zur Navigation springen
Zur Suche springen
What does it mean?
It means that
Wireshark/TShark thinks it knows what protocol is running atop TCP in that TCP segment; that TCP segment doesn't contain all of a "protocol data unit" (PDU) for that higher-level protocol, i.e. a packet or protocol message for that higher-level protocol, and doesn't contain the last part of that PDU, so it's trying to reassemble the multiple TCP segments containing that higher-level PDU. For example, an HTTP response with a lot of data in it won't fit in a single TCP segment on most networks, so it'll be split over multiple TCP segments; all but the last TCP segment will be marked as "TCP segment of a reassembled PDU".
