Wireshark-bugs: [Wireshark-bugs] [Bug 11413] New: RTP Lua reassemble does not work for more than
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 03 Aug 2015 10:15:12 +0000
Bug ID 11413
Summary RTP Lua reassemble does not work for more than two packages if offset is 0
Product Wireshark
Version 0.99.8
Hardware x86
OS Windows 7
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter daniel.f.starke@freenet.de 

Created attachment 13769 [details]
example trace

Build Information:
Version 1.99.9-59-g9557c73 (v1.99.9rc0-59-g9557c73 from master)

Copyright 1998-2015 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.1, with WinPcap (unknown), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, without PortAudio,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale C, with
WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version
1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, without
AirPcap.
       Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz (with SSE4.2), with 4007MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 31101

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Using to following script to reassemble a RTP protocol with Lua does not work
if desegment_offset  is set to 0 and more than two packages are needed
together. As RTP is a real time protocol with a packet for each interval it
happens that there are packets with basically no payload (only zeroes). The
user data however is still continuous in my case which makes it impossible to
reassemble more than two frames without cutting off some data from the first
frame each time I request another frame via pinfo.desegment_len =
DESEGMENT_ONE_MORE_SEGMENT (see commented line in the script below).

do -- namespace

-- declare our protocol
proto = Proto("myProto", "My Protocol")
protoFrameSize = 480
protoMaxPayload = 54

getTs = Field.new("rtp.timestamp")

function proto.dissector(buffer, pinfo, tree)
    if ((getTs().value / protoFrameSize) % 3) < 2 then
        tree:add(proto, buffer(0, buffer:len()), "incomplete: " ..
buffer:len())
        pinfo.desegment_offset = getTs().value / protoFrameSize
        -- pinfo.desegment_offset = 0 -- this does not work
        pinfo.desegment_len = DESEGMENT_ONE_MORE_SEGMENT
        return
    else
        tree:add(proto, buffer(0, buffer:len()), "complete: " .. buffer:len())
        pinfo.desegment_len = 0
        return
    end
end

-- load the rtp.pt table
local rtpTable = DissectorTable.get("rtp.pt")
-- register our protocol to handle payload type ITU-T G.711 PCMA
rtpTable:add(8, proto)

end -- end of namespace

I have also a little example trace attached.

You are receiving this mail because:
  • You are watching all bug changes.