Wireshark-users: Re: [Wireshark-users] Why does wireshark not recognize my RTP packets in the cor
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: <Tim.Poth@xxxxxxxxxxx>
Date: Thu, 10 Sep 2009 08:57:27 -0400

I know this is resolved but I just thought I would though it out there, the source code for the dissectors wireshark uses are available, if there is every a question on why or how something is happening the answers in the source. (although I think the below is a must faster options)

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of André Loddenkemper
Sent: Thursday, September 10, 2009 7:23 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Why does wireshark not recognize my RTP packets in the correct way?

 

Thanks a lot! I can not believe it was that easy! And shame on me for failing at that simple task.
Not only have you fixed my problem here, but now I already know, that my SIP implementation is incorrect.

Problem solved, no more mails needed, thanks! :)

2009/9/10 George Peaslee <gpeaslee@xxxxxxxxxxx>

If you right click on one of the packets and select decode as, then select RTP, does it fix the problem? If so, go to edit preferences - protocols - RTP and check all three boxes.

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of André Loddenkemper
Sent: Thursday, September 10, 2009 6:08 AM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] Why does wireshark not recognize my RTP packets in the correct way?

Hello,

at work I have programmed my own RTP stack to send data (wrapped in RTP packets) through the network to another pc, where it can be recieved by a voip application.

For testing purposes I am sending the RTP data to my own computer and watching the traffic with wireshark, where I can see all the RTP packets I sent. The problem is: Wireshark just recognizes those packets as "UDP" and not as "RTP" as it should be. My first guess was, I did something wrong in the RTP header. I checked it and everything there is OK, I think.
And on top of that: If I select such and UDP packet, right-click and decode it manually as a RTP packet, everything is fine. Now, with "decode as RTP", Wireshark does recognize all my packets in the correct way. Every field of the RTP header is correct. I compared it bit by bit with RTP packets from Ekiga, it is exactly the same.

I now have spent several days, re-coding and testing.
So my question is: How is that possible? Any Ideas? Why does wireshark not recognize my RTP packets in the correct way?

Greetings,
andre.


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe