Wireshark-users: Re: [Wireshark-users] Why does wireshark not recognize my RTP packets in the cor
If you right click on one of the packets and select decode as, then select RTP, does it fix the problem? If so, go to edit preferences - protocols - RTP and check all three boxes.


From: [email protected] [mailto:[email protected]] On Behalf Of André Loddenkemper
Sent: Thursday, September 10, 2009 6:08 AM
To: [email protected]
Subject: [Wireshark-users] Why does wireshark not recognize my RTP packets in the correct way?

Hello,

at work I have programmed my own RTP stack to send data (wrapped in RTP packets) through the network to another pc, where it can be recieved by a voip application.

For testing purposes I am sending the RTP data to my own computer and watching the traffic with wireshark, where I can see all the RTP packets I sent. The problem is: Wireshark just recognizes those packets as "UDP" and not as "RTP" as it should be. My first guess was, I did something wrong in the RTP header. I checked it and everything there is OK, I think.
And on top of that: If I select such and UDP packet, right-click and decode it manually as a RTP packet, everything is fine. Now, with "decode as RTP", Wireshark does recognize all my packets in the correct way. Every field of the RTP header is correct. I compared it bit by bit with RTP packets from Ekiga, it is exactly the same.

I now have spent several days, re-coding and testing.
So my question is: How is that possible? Any Ideas? Why does wireshark not recognize my RTP packets in the correct way?

Greetings,
andre.