How can I read TLS information (record length, record type...) from a packet using scapy. I have used load_layer('tls') and I'm able to read some information when there is a single TLS record in a packet but when there is multiple TLS record in a packet I'm only able to read the first TLS record.
For exemple this packet contain 3 TLS record and when I want to read the records length with scapy I only get the first record length
解决方案
Total TLS decoding
As you've found, scapy doesn't decode the entire packet. But this is fine, because we can manually decode the TLS sections that scapy currently considers as a "Raw load" of bytes.
>>> pkts = rdpcap("facebook.com.pcap")
>>> extra_tls_layers = TLS(pkts[5]["TLS"].load)
>>> # We can see that TLS is now decoded, with two new layers:
>>> extra_tls_layers.show()
###[ TLS ]###
type= application_data
version= TLS 1.2
len= 1017 [deciphered_len= 1017]
iv= b''
\msg\
|###[ TLS Application Data ]###
| data= '\x1f\x11\xc4\xab\x920l\xae