Janice Lau wrote:
well, my supervisor assigned me a task to capture the voice packets on
the LAN network in our campus. He gave me an idea of running Ethereal
on my own pc, while i start the capturing, i should open a voice file
from a shared folder in another PC which is on LAN. Therefore, the
voice file appears like delivered through a LAN network. Do you think
it works?
That depends, as Lars Ruoff notes, on what you use to open the file.
If you're using an audio player, and having it open a file from a shared
folder, the audio player will probably just be using the standard file
I/O APIs in the OS (open/read/close in UN*X,
CreateFile/ReadFile/CloseHandle in Win32), in which case the file will
be transported using whatever remote file access protocol is used to do
the sharing (SMB/CIFS, Netware Core Protocol, NFS, etc.). The file will
not be transported using any audio-over-IP protocol, such as RTP.
I am a bit curious because as i do so, i only manage to capture the
TCP instead of UDP or RTP which supposed to be the protocol for
delivering real-time application.
That might be what's happening. I'd expect the TCP to be further
dissected as SMB/CIFS or NFS or..., in that case. Is that what's
happening? If not, what are the port numbers of the TCP connection?
I assume from the mention of H.323 that the voice packets in question
are VoIP. In order to see VoIP traffic, there would need to be a phone
call in progress on the LAN (and you'll need to be able to see traffic
on the LAN, which might be difficult on a switched LAN unless the
traffic is to or from your machine - you'd have to use Skype:
http://www.skype.com/
or something such as that to have the traffic go to and from your machine).
