Wireshark-users: Re: [Wireshark-users] Displaying RAP for VoIP calls
One other thing, when you filter from VoIP calls it cannot always find any RTP packets. In that case what I do is find one in the “Flow” diagram & click on it. That will cause the main decode to jump to that packet. Then go into the RTP header & use the setup frame method.
 
Keith.
 
Sent: Friday, August 19, 2011 9:16 PM
Subject: Re: [Wireshark-users] Displaying RTP for VoIP calls
 

Thank you. That worked!

 

Ira Tessler

ConnectMe

 

From: [email protected] [mailto:[email protected]] On Behalf Of Keith French
Sent: Friday, August 19, 2011 2:29 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Displaying RTP for VoIP calls

 

Ira,

 

One way is to open up the RTP header & find the “Setup Frame” which is under the “stream set up by XXX” depending on your call setup protocol. Then right click on it, Prepare a filter > Or selected. Another way is to use the SSID (Synchronisation Source Identifier) field in the RTP header, prepare a filter as before. However, doing this on one packet will probably only give you one direction, you will most likely have to repeat this on the other RTP packet, to get the complete call.

 

Keith French.

I am trying to trouble shoot VoIP calls using Wireshark 1.6.0. I have many calls in one pcap file. I can display all the VoIP calls in the file by going to Telephony->Voip Calls. I can select a call, listen to the RTP stream. When I click on “Prepare Filter” and apply the filter, the resulting display only shows two RTP packs. How can I see all the RTP packs related to the selected VoIP calls?

 

Ira Tessler

ConnectMe

 


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:[email protected]?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:[email protected]?subject=unsubscribe