Wireshark · Ethereal-users: Re: [Ethereal-users] How to make ethereal recognise RTP,RTCP,SCTP over UDP

Ethereal-users: Re: [Ethereal-users] How to make ethereal recognise RTP,RTCP,SCTP over UDP

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>

Date: Wed, 26 Jun 2002 19:46:26 -0700

On Thu, Jun 27, 2002 at 10:32:35AM +0800, weiliang lian wrote:
>    I want capture MGCP,RTP,RTCP,M2UA,SCTP etc protocol over UDP using
>    ethereal on winnt,
>    but all protocol was dissector as UDP. Anyone can tell me how to make
>    ethereal recognise  it?

RTP and RTCP don't have standard port numbers, and nobody's figured out
any heuristic to guess whether a UDP packet is an RTP or RTCP packet or
not; Ethereal will only automatically recognize RTP or RTCP packets
if it sees, earlier in the capture, RTSP traffic to set up the RTP
conversation.

In order to get Ethereal to dissect other UDP traffic as RTP, you have
to select one of the frames of RTP traffic, select "Decode As" from the
"Tools" menu or the right-mouse-button menu, and, in the dialog box that
pops up:

	specify whether the source port number, destination port number,
	or both port numbers should be treated as the port number for
	RTP;

	select RTP from the list of protocols;

	and then click "OK".

Do the same for RTCP traffic.

References:
- [Ethereal-users] How to make ethereal recognise RTP,RTCP,SCTP over UDP
  - From: weiliang lian

Prev by Date: [Ethereal-users] How to make ethereal recognise RTP,RTCP,SCTP over UDP
Next by Date: Re: [Ethereal-users] pcap: File has 3379042344-byte packet, bigger than maximum of 65535
Previous by thread: [Ethereal-users] How to make ethereal recognise RTP,RTCP,SCTP over UDP
Next by thread: [Ethereal-users] horrendously bad arrival times.
Index(es):
- Date
- Thread