Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 12788] New: "DTMF RTP EVENT" decoding not fully working in

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 25 Aug 2016 16:32:56 +0000
Bug ID 12788
Summary "DTMF RTP EVENT" decoding not fully working in Wireshark 2.0.5
Product Wireshark
Version 2.0.5
Hardware x86-64
OS Windows 10
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Created attachment 14851 [details]
Call with SDP and RTP Payload Type 96 only

Build Information:
Version 2.0.5 (v2.0.5-0-ga3be9c6 from master-2.0)

Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.11.0, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 10, build 10586, with locale English_United
States.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz (with SSE4.2), with 12193MB of
physical
memory.


Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Default RTP EVENTS Dynamic Payload Type is 101, but if the Telephony events
payload type number is included in the call setup SDP, Wireshark 2.0.5 should
(and does with much older versions of Wireshark) decode the RTP EVENTS for the
duration of that call.

I have attached a trace that includes only the SDP offer/answer and RTP traffic
with p_type==96 which is the RFC2833 Telephony events.  Wireshark version 2.0.5
only decodes the RTP EVENTS in one direction and not the other.  

Traffic from 10.0.0.12 ---> 192.168.21.55 with rtp.p_type==96 is decoded as
[Payload Type=RTP EVENT].

Traffic from 192.168.21.55 ---> 10.0.0.12 with rtp.p_type==96 is NOT decoded as
RTP EVENTS and as [PT=DynamicRTP-Type-96].

I opened the same trace with a much OLDER version of Wireshark (version
0.99.6a) which has the same default RTP EVENTS p_type of 101, and it decodes
both directions without issue.

In Wireshark 2.0.5, if I change the RTP EVENTS default p_type number to be 96
instead of 101, it decodes it properly.   If the TELEPHONY EVENTS p_type is
listed in the SDP, it shouldn't matter what the default is, it should decode
that call based off the SDP information.


Thanks,

Travis

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube