Wireshark-users: Re: [Wireshark-users] Why does wireshark not recognize my RTP packets in the cor
From: "George Peaslee" <[email protected]>
Date: Thu, 10 Sep 2009 06:16:21 -0500
If you right click on one of the packets and select decode as, then select RTP, does it fix the problem? If so, go to edit preferences - protocols - RTP and check all three boxes.


From: [email protected] [mailto:[email protected]] On Behalf Of André Loddenkemper
Sent: Thursday, September 10, 2009 6:08 AM
To: [email protected]
Subject: [Wireshark-users] Why does wireshark not recognize my RTP packets in the correct way?

Hello,

at work I have programmed my own RTP stack to send data (wrapped in RTP packets) through the network to another pc, where it can be recieved by a voip application.

For testing purposes I am sending the RTP data to my own computer and watching the traffic with wireshark, where I can see all the RTP packets I sent. The problem is: Wireshark just recognizes those packets as "UDP" and not as "RTP" as it should be. My first guess was, I did something wrong in the RTP header. I checked it and everything there is OK, I think.
And on top of that: If I select such and UDP packet, right-click and decode it manually as a RTP packet, everything is fine. Now, with "decode as RTP", Wireshark does recognize all my packets in the correct way. Every field of the RTP header is correct. I compared it bit by bit with RTP packets from Ekiga, it is exactly the same.

I now have spent several days, re-coding and testing.
So my question is: How is that possible? Any Ideas? Why does wireshark not recognize my RTP packets in the correct way?

Greetings,
andre.