Wireshark-dev: Re: [Wireshark-dev] RTP Muxing with compressed header
From: Sourabh Rathor <[email protected]>
Date: Mon, 15 Feb 2010 03:42:44 -0500
output of the cli :
debian:/home/sourabh/wireshark-1.2.6# wireshark -gtk2\wireshark -v
wireshark 1.2.6

Copyright 1998-2010 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.12, with GLib 2.16.6, with libpcap 0.9.8, with libz
1.2.3.3, without POSIX capabilities, with libpcre 7.6, without SMI, without
c-ares, without ADNS, without Lua, with GnuTLS 2.4.2, with Gcrypt 1.4.1, without
Kerberos, without GeoIP, without PortAudio, without AirPcap.

Running on Linux 2.6.26-2-686, with libpcap version 0.9.8, GnuTLS 2.4.2, Gcrypt
1.4.1.

Built using gcc 4.3.2.

Thanks
Sourabh Rathor

On Mon, Feb 15, 2010 at 3:40 AM, Sourabh Rathor <[email protected]> wrote:
Hi

Ya . I am planning to add this dissector too. I guess it would resolve this compression issue then.

I'l raise a bug for the same.

Thanks
Sourabh Rathor


On Mon, Feb 15, 2010 at 3:24 AM, Anders Broman <[email protected]> wrote:
Hi,
Patches are best submitted as patch/diffs trough bugzilla.
>Its not there in the makefile.
??? What does wireshark-gtk2\wireshark -v output on your build?
 
>rtpcompressdissector = find_dissector("compress_rtp");
Are you planning to submit the "compress_rtp" dissector too?
 
Regards
Anders

 

From: [email protected] [mailto:[email protected]] On Behalf Of Sourabh Rathor
Sent: den 15 februari 2010 07:59

To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] RTP Muxing with compressed header

Hi Anders,

Its not there in the makefile.
For RTP muxing with compressed header. I have made some changes to packet-nb_rtpmux.c as shown:
****
Change 1. (In dissect_nb_rtpmux.c)
 if (rtpcompressdissector)
            {
                next_tvb = tvb_new_subset(tvb, offset+5,
                        MIN(tvb_length(tvb)-5-offset, length), length);

                call_dissector(rtpcompressdissector, next_tvb, pinfo, nb_rtpmux_tree);
            }
            else
            {
                proto_tree_add_item(nb_rtpmux_tree,
                    hf_nb_rtpmux_data, tvb, offset+5, length == 0 ? -1:length, FALSE);
            }
*****
Change 2.

void
proto_reg_handoff_nb_rtpmux(void)
{
    static gboolean inited = FALSE;

    if (!inited) {

        dissector_handle_t nb_rtpmux_handle;

/*  Use new_create_dissector_handle() to indicate that dissect_nb_rtpmux()
 *  returns the number of bytes it dissected (or 0 if it thinks the packet
 *  does not belong to PROTONAME).
 */
        nb_rtpmux_handle = new_create_dissector_handle(dissect_nb_rtpmux,
            proto_nb_rtpmux);

        dissector_add_handle("udp.port", nb_rtpmux_handle);
        rtpcompressdissector = find_dissector("compress_rtp");
        inited = TRUE;
    }

}

And also written a new dissector function for RTP packets with compresssed headers as shown below:
static int
dissect_compress_rtp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{

/* Set up structures needed to add the protocol subtree and manage it */
       proto_item *ti;
       proto_tree *compress_rtp_tree;
/*Need to add some checks here.....(Heuristics)*/

/* Make entries in Protocol column and info column on summary display */
       col_set_str(pinfo->cinfo,COL_PROTOCOL,"Compress_RTP");

       if(tree) {
       unsigned int offset = 0;
 
/* Create displays subtree for the protocol */

       //while()

       guint16 timestamp, sequence_no;

       ti = proto_tree_add_item(tree,proto_compress_rtp,tvb,offset,-1,FALSE);
       compress_rtp_tree = proto_item_add_subtree(ti,ett_compress_rtp);
 
       proto_tree_add_item(compress_rtp_tree,hf_compress_rtp_sequence_no,tvb,offset,1,FALSE);
       timestamp = tvb_get_ntohs(tvb,offset);
       proto_tree_add_uint(compress_rtp_tree,hf_compress_rtp_timestamp,tvb,offset+1,2,FALSE);
       proto_tree_add_item(compress_rtp_tree,hf_compress_rtp_data,tvb,offset+3,-1,FALSE);

       return tvb_length(tvb);
}


Any feedback for the same.

Thanks
Sourabh Rathor
On Wed, Feb 10, 2010 at 4:58 PM, Anders Broman <[email protected]> wrote:
Hi,
??? It's in the makefile, in my SVN tree, on the server...
Are youi doing svn co http://anonsvn.wireshark.org/wireshark/trunk/ wireshark ?
 
/Anders


From: [email protected] [mailto:[email protected]] On Behalf Of Sourabh Rathor
Sent: den 10 februari 2010 09:22
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] RTP Muxing with compressed header

Hi Anders,

Thanks for your input. This file is not visible now in the latest trunks and in the trunks before. Is it removed ?
Does it support the compression or just the muxing functionality ?

Thanks In advance
Sourabh Rathor

On Wed, Feb 10, 2010 at 10:56 AM, Anders Broman <[email protected]> wrote:

Hi,

There is a basic dissector to expand on, packet-nb_rtpmux.c.

Regards

Anders

 


Från: [email protected] [mailto:[email protected]] För Sourabh Rathor
Skickat: den 10 februari 2010 05:43
Till: [email protected]
Ämne: [Wireshark-dev] RTP Muxing with compressed header

 


Hi

I am actually looking or designing a new dissector function for decoding RTP MUXed streams with compressed headers. This is compliant to 3GPP TS 29.414. Need some inputs to start working on the same. Please reply if any body has any pointers for it.


Thanks
Sourabh Rathor


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:[email protected]?subject=unsubscribe



--
Sourabh Rathor
Institute Of Informatics & Communication
South Campus, Delhi University

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:[email protected]?subject=unsubscribe



--
Sourabh Rathor
Institute Of Informatics & Communication
South Campus, Delhi University

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:[email protected]?subject=unsubscribe



--
Sourabh Rathor
Institute Of Informatics & Communication
South Campus, Delhi University



--
Sourabh Rathor
Institute Of Informatics & Communication
South Campus, Delhi University