Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] One IP-Port pair missing in the pcap file

From: vishal borkar <weeshalll@xxxxxxxxx>
Date: Wed, 24 Mar 2010 10:57:59 +0530
Hello all,
I recently captured a yahoo voice communication between my machine and a friend.
What i observed was that when i opened the file in a text editor i could not find the 
port and the IP of my system on which the actual communication took place.
FYI my ip ( on which the UDP data travelled ):-192.168.0.230
Port(on which the UDP data travelled ):- 22308

Though i can clearly see the communication happening on this IP-port pair
when i opened the file in Wireshark.
Can anyone tell me as to why this is happening ?
What i mean is aren't the SIP packets supposed to carry this information ? 
Since they are not carrying this information then how is the communication taking place ?
I am attaching the file for your reference.

Thanks in advance,
Vishal
 

Attachment: snort.log.2
Description: Binary data