Wireshark · Wireshark-users: [Wireshark-users] Question about filtering

Wireshark-users: [Wireshark-users] Question about filtering

Date: Sun, 4 Dec 2011 23:22:15 -0500

Greetings!

I'm investigating audio-loss for a VoIP implementation. When I listen to the RTP stream, I can see that at a certain point in the conversation one party starts to "not hear" the other side. In other words, one-way audio muting is happening.

My question is how do I correlate that particular muting which I can deduce (from one side in question repeating their hellos again and again) in the stream to a packet-stream in wireshark? So how do I know the point where the packets start to get lost in the conversation from the side that muted? (It's a 100 meg capture)

One way I can think of is to go through the capture packet-by-packet and see where only packets from one side start showing up in the capture, but is there another more elegant way to do this? Can I write a filter in such a way that it finds the packets coming only from one side in succession whereas it should be a to-and-fro that should be reported?

Hoping that I asked the question clearly. If not, please let me know if more information is needed and/or you know the hidden trick that I seem to be missing :-)

Thanks,
Basti Ji

Follow-Ups:
- Re: [Wireshark-users] Question about filtering
  - From: Boonie

Prev by Date: Re: [Wireshark-users] How to compute the number of packets with bad checksum
Next by Date: Re: [Wireshark-users] Question about filtering
Previous by thread: Re: [Wireshark-users] packet loss and network issues - wireshark
Next by thread: Re: [Wireshark-users] Question about filtering
Index(es):
- Date
- Thread