Wireshark-dev: [Wireshark-dev] Need help in Decoding RTP Multiplex streams in Wireshark
From: shruti singh <[email protected]>
Date: Wed, 26 Aug 2009 11:06:13 +0530
Hi

I need to decode RTP Multiplex streams using wireshark. Presently we can decode only Non -Multiplexed RTP streams in wireshark. 

A multiplexed voice packet is composed by concatenating RTP encapsulated voice packets and IP and UDP headers.

 Below is the Multiplex Packet format

 

IP

UDP

Multiplex Header

Compressed RTP Header

RTP Payload

Multiplex Header

Compressed RTP Header

RTP Payload

  

This Multiplex header is repeated in beginning of each RTP packet. So I was thinking of way to extract this multiplex header & use it to decode each RTP packet following this Multiplex header.

I supose we need to make a dissector packet-rtpmultiplex.c regestring to a UDP port as a starting point.

Dissect the multiplex header, decompress the rtp header and have the RTP dissector dissecting
the resulting "RTP packet" - decompressed header+data.

Could you help me in dissecting the multiplex header and make this work.


Also I need to know the steps to write our own filters in wireshark


It would be great help. Kindly reply as soon as possible


Regards

Shruti