On Sat, Jan 10, 2009 at 11:45:09PM +0000, MKS wrote:
>
> I was wondering if it's possible todo the following via command line
>
> 1) load capture file
tshark -r <file> ...
> 2) decode as RTP
tshark should find the same rtp streams as Wireshark does, but if they
don't find all the streams, you might want to look for rtp in every
stream with:
... -o rtp.heuristic_rtp:TRUE ...
>From the preferences file:
# If call control SIP/H323/RTSP/.. messages are missing in the trace,
# RTP isn't decoded without this
# TRUE or FALSE (case-insensitive).
rtp.heuristic_rtp: FALSE
> 3) run RTP statistics
... -qz rtp,streams ...
>From the tshark manpage:
-z rtp,streams
Collect statistics for all RTP streams and calculate max. delta,
max. and mean jitter and packet loss percentages.
The extra 'q' is to make tshark only dump the statistics, not the packet
list.
> 4) save statistics info into file.
... > rtp-stats.txt
Putting it all together on the example trace from the wiki
(http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=rtp_example.raw.gz):
$ tshark -r rtp_example.raw.gz -o rtp.heuristic_rtp:TRUE -qz rtp,streams
========================= RTP Streams ========================
Src IP addr Port Dest IP addr Port SSRC Payload Pkts Lost Max Delta(ms) Max Jitter(ms) Mean Jitter(ms) Problems?
10.1.3.143 5000 10.1.6.18 2006 0xDEE0EE8F ITU-T G.711 PCMA 236 0 (0.0%) 34.83 0.83 0.37
10.1.6.18 2006 10.1.3.143 5000 0xF3CB2001 ITU-T G.711 PCMA 229 1 (0.4%) 86.12 7.34 2.84 X
==============================================================
sablo@BLOK /cygdrive/c/temp
$
Is this what you are looking for?
Cheers,
Sake
