Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Dump required for multiplexed streams

From: shruti singh <shruti.is.singh@xxxxxxxxx>
Date: Tue, 3 Nov 2009 17:19:51 +0530
Hey

I have taken the wireshark dev image to decode multiplexed streams.Can you provide me any dump for multiplexed streams which I can decode in wireshark

Thanks & Regards
Shruti

On Wed, Aug 26, 2009 at 11:06 AM, shruti singh <shruti.is.singh@xxxxxxxxx> wrote:
Hi

I need to decode RTP Multiplex streams using wireshark. Presently we can decode only Non -Multiplexed RTP streams in wireshark. 

A multiplexed voice packet is composed by concatenating RTP encapsulated voice packets and IP and UDP headers.

 Below is the Multiplex Packet format

 

IP

UDP

Multiplex Header

Compressed RTP Header

RTP Payload

Multiplex Header

Compressed RTP Header

RTP Payload

  

This Multiplex header is repeated in beginning of each RTP packet. So I was thinking of way to extract this multiplex header & use it to decode each RTP packet following this Multiplex header.

I supose we need to make a dissector packet-rtpmultiplex.c regestring to a UDP port as a starting point.

Dissect the multiplex header, decompress the rtp header and have the RTP dissector dissecting
the resulting "RTP packet" - decompressed header+data.

Could you help me in dissecting the multiplex header and make this work.


Also I need to know the steps to write our own filters in wireshark


It would be great help. Kindly reply as soon as possible


Regards

Shruti