> Hello,
>
> I've just upgraded to ethereal 0.10.8.
> Then I capture rtp stream and try to analyze it.
> Unfortunately ethereal hang up on the first attempt.
>
> Please, find the attached capture file.
>
> To reproduce go to Statistics->RTP->Show All
> Streams...
> Try to analyze 192.168.100.208 -> 192.168.5.17
>
> The problem seems to be in duplicated rtp packets.
>
> All this used to work to me in 0.10.7 version.
Hi,
It happens because the timestamp of the first packet is a random -in this case very high- value,
which is OK according to the RFC -in fact the RFC recommends random values-. The code believes
it needs to create silence between the beginning of time and that value.
I've included a small patch for this and also a small correction to the inverted timestamps
check that will prevent a packet with the same timestamp as the previous one -which I believe
is correct- to show as erroneous.
These two problems suggest that the implementation of the analysis function is not very
resilient against traces with different behaviours. I will try to have a deeper look into it
if I can get the time.
Arsen, you might want to look for big files Ethereal has probably created in your temp directory
while it seemed hang.
Best regards,
Francisco
Attachment:
rtp_analysis.patch
Description: Binary data