I've been using wireshark and noticed that I no longer see UDP but QUIC, why is this the case?
Why Only QUIC and Not UDP is Seen During Wireshark Capture
udpwireshark
Related Solutions
Clear the expression ip.addr==192.168.0.1 filter. This is probably whats filtering out what you want to see. You can tell by the very first column in WireShark, Look at the No. jumps at DNS No.94 to SSDP No. 680 --- So about 500 entries you arent seeing. You can also turn off the ssdp discovery service in windows to eliminate that ssdp mess.
I managed to show them (as UPD protocol packets) by disabling the Vimba GigE Vision Filter Driver, thanks to the answers in the rest of this post.
Best Answer
Wireshark uses dissectors and lua scripts to analyze and classify capture traffic (or parts thereof). What is displayed in the Protocol field of Wireshark's Packet List Pane is the information returned that is most specific after analyzing the data and will determine how the data is presented.
If the UDP dissector is the most specific dissector for the captured data, than the Protocol column will show UDP. However many types of UDP traffic will be identified (SIP, RTP, DNS, etc).
The same is true for TCP traffic as well. Typically you will see this as HTTP, FTP, IRC, etc.
In your case because the traffic has been analyzed as QUIC data. It may or may not be QUIC traffic; no program of this type is perfect, but Wireshark will be correct more often than not.
QUIC is one of the "newer" classifications, as it appears to have been added in 1.11.3/1.12.0. If you were using a version of Wireshark prior to these versions, the same traffic may likely have been classified as UDP (or another protocol).
If you don't want the QUIC protocol to be identified, simply go to the "Analyze" menu and select "Enabled Protocols" from the list. Find the entry for QUIC and uncheck the box.