Wireshark-users: [Wireshark-users] decoding RTP outside of conversations preference
Guy suggested I try turning this preference on (see below), but I couldn't easily find how to do this. Can someone tell me? I am using WireShark 0.99.3 (svn Rev 19011)
Thanks,
Bill
Guy Harris <guy@xxxxxxxxxxxx> wrote:
Bill Fassler wrote:
> Sorry I should have provided a better info. Anyway I do get a capture
> and I see only UDP traffic. I am sure the RTP and SIP traffic is within
> those packets.
I.e., this is "the packets *are* in the capture but aren't recognized by
Wireshark as RTP packets" case.
> I thought of a perl script to possibly parse out what I
> want to see or writing another plugin, that gets to the RTP and then
> passes it off to the appropriate dissector.
All such a plugin would do is detect RTP traffic
and cause it to be
dissected as RTP; the way to do *that* is to have the RTP dissector do
that - which is what the "try turning the 'try to decode RTP outside of
conversations preference for RTP on" suggestion was for. If a plugin
could do a better job of detecting RTP traffic than the current RTP
dissector's heuristic, it shouldn't be done as a plugin dissector, it
should be done as a change to the RTP dissector. (If the heuristics are
strong enough - i.e., they won't identify a lot of non-RTP traffic as
being RTP - they could be turned on by default.)
> In any event, I don't want
> to reinvent the wheel and I'm sure someone has already jumped this
> hurdle. I will try your "decode as" suggestion. I think this might let
> me more easily see what I want although it soudns a little cumbersome.
Why not try the other suggestion?
_______________________________________________
Wireshark-users mailing
list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
Access over 1 million songs -
Yahoo! Music Unlimited.
