Python - Does PyShark return relative sequence numbers?

Question

I know that WireShark is built upon Tshark, and that WireShark displays relative sequence numbers in the GUI for TCP conversations.

I know that PyShark is built upon Tshark. Does PyShark return relative sequence numbers for TCP conversations?

Thank you!

Answer 1

Yes, PyShark returns relative sequence numbers for TCP conversations. Meaning that, all new flows will start with a seq number of zero.

See: http://packetlife.net/blog/2010/jun/7/understanding-tcp-sequence-acknowledgment-numbers/