Wireshark-dev: Re: [Wireshark-dev] HELP Needed to avail wireshark's functionality as a command
From: Alex Lindberg <alindber@xxxxxxxxx>
Date: Tue, 1 Jan 2013 10:50:43 -0800 (PST)
In the GUI, Wireshark will play G.711 with a built in player.
1st - You can have wireshark "see" rtp packets without doing the "Decode As" stuff.
Edit->Preferences->Protocols->RTP. Select "Try to decode RTP outside of conversations".
2nd - Wireshark will only play G.711 (Mu
or A) law.
If there is a complete "call" that is SIP/H323 setup messages + RTP then do
Telephony -> Voice Calls. Select the stream of interest and click "play"
If there is only RTP, then do:
Telephony -> RTP -> select all streams. Find the streams of interest and select "Analyze". Now click "Player".
If your RTP is not G.711, there are my answers available on Google to decode the media, but it won't be done inside Wireshark.
If you wish to create a media stream with command line tshark, there a number of scripts that will just extract the media portion of the packets and put the results together. The final file is a G711 (PCM A or MU law) file that can be played as you describe. These scripts don't do any analysis, but just look into the packet an offset where the media starts.
Alex Lindberg
From: haridas karunakaran Pillai <haridaskpillai@xxxxxxxxx>
To: wireshark-dev@xxxxxxxxxxxxx
Sent: Tuesday, January 1, 2013 12:17 AM
Subject: [Wireshark-dev] HELP Needed to avail wireshark's functionality as a command line utility/service
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
1st - You can have wireshark "see" rtp packets without doing the "Decode As" stuff.
Edit->Preferences->Protocols->RTP. Select "Try to decode RTP outside of conversations".
2nd - Wireshark will only play G.711 (Mu
or A) law.
If there is a complete "call" that is SIP/H323 setup messages + RTP then do
Telephony -> Voice Calls. Select the stream of interest and click "play"
If there is only RTP, then do:
Telephony -> RTP -> select all streams. Find the streams of interest and select "Analyze". Now click "Player".
If your RTP is not G.711, there are my answers available on Google to decode the media, but it won't be done inside Wireshark.
If you wish to create a media stream with command line tshark, there a number of scripts that will just extract the media portion of the packets and put the results together. The final file is a G711 (PCM A or MU law) file that can be played as you describe. These scripts don't do any analysis, but just look into the packet an offset where the media starts.
Alex Lindberg
From: haridas karunakaran Pillai <haridaskpillai@xxxxxxxxx>
To: wireshark-dev@xxxxxxxxxxxxx
Sent: Tuesday, January 1, 2013 12:17 AM
Subject: [Wireshark-dev] HELP Needed to avail wireshark's functionality as a command line utility/service
Hi,
I need to develop a project to pull out voice data from a pcapng file containing UDP packets; got by sniffing a port through which the calls has been went through.
I made it by using the great functionality of wireshark.
The options I used are.
1) Open the pcapng file in wireshark
2) Right click on one of the UDP packet and choose "Decode as " => in the opened box selected "transport" => choose "RTP"
Then all packets decoded as RTP packets
3) Then I used clicked "Telephoney" => "RTP" =>"Show All Streams"
4) Selected All Streams and clicked "Analyze"
5) Then I clicked "Save PayLoad"
6) Then I opted .au format and selected "both" channels and saved
7) When I played the sound using vlc played..I heard the actual sound
I got the sound...:)
But I need to know whether these options can be done from a command line using wireshark's command line options. If that possible...please let me know
Regards,
Haridas
--
So close , No matter how far
I need to develop a project to pull out voice data from a pcapng file containing UDP packets; got by sniffing a port through which the calls has been went through.
I made it by using the great functionality of wireshark.
The options I used are.
1) Open the pcapng file in wireshark
2) Right click on one of the UDP packet and choose "Decode as " => in the opened box selected "transport" => choose "RTP"
Then all packets decoded as RTP packets
3) Then I used clicked "Telephoney" => "RTP" =>"Show All Streams"
4) Selected All Streams and clicked "Analyze"
5) Then I clicked "Save PayLoad"
6) Then I opted .au format and selected "both" channels and saved
7) When I played the sound using vlc played..I heard the actual sound
I got the sound...:)
But I need to know whether these options can be done from a command line using wireshark's command line options. If that possible...please let me know
Regards,
Haridas
--
So close , No matter how far
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
- Next by Date: [Wireshark-dev] File handle leak in add_hosts_file()
- Next by thread: [Wireshark-dev] File handle leak in add_hosts_file()
- Index(es):