I am using Wireshark to analyze TCP packets (originally USB packets from total phase that get converted into pcapng for wireshark). There is currently a script that converts the total phase .csv export into a pcapng that is opened with Wireshark. Wireshark is currently showing retransmissions, DUP ACKs and out of order packets, and I am noticing that some packets that are transmitted around the same time as the DUP ACKs and before the retransmission are never acknowledged (ACK number doesn't update with it).
Additionally, the packet that is retransmitted, is one that has already been acknowledged (e.g. packet 1) rather than the ones after it that have not been acknowledged (e.g. packet 2, 3). After the retransmission, the transfer carries on without the acknowledgement number ever updating to be the packets that were not acknowledged (e.g. ACK number will never show 2, 3, but will move on to 4, 5, etc after 1 has been retransmitted).
However, when I send data from Server to Client and open up the file that was sent to Client, it is identical to the one that was sent from the server, which suggests that data is not being lost or corrupted. I'm not quite sure why Wireshark is displaying these (possibly the script that converts the csv to pcapng is affecting this or maybe a Wireshark related reason), so any help would be appreciated. The reason it may not be the script is because this was known to be working last month, with Wireshark giving no such flags, but now this is not the case - the main change made during this period was switching from two linux devices to one.
Thanks
