| Bug ID |
11413
|
| Summary |
RTP Lua reassemble does not work for more than two packages if offset is 0
|
| Product |
Wireshark
|
| Version |
0.99.8
|
| Hardware |
x86
|
| OS |
Windows 7
|
| Status |
UNCONFIRMED
|
| Severity |
Major
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 13769 [details]
example trace
Build Information:
Version 1.99.9-59-g9557c73 (v1.99.9rc0-59-g9557c73 from master)
Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.3.1, with WinPcap (unknown), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, without PortAudio,
with AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale C, with
WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version
1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, without
AirPcap.
Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz (with SSE4.2), with 4007MB of
physical memory.
Built using Microsoft Visual C++ 12.0 build 31101
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Using to following script to reassemble a RTP protocol with Lua does not work
if desegment_offset is set to 0 and more than two packages are needed
together. As RTP is a real time protocol with a packet for each interval it
happens that there are packets with basically no payload (only zeroes). The
user data however is still continuous in my case which makes it impossible to
reassemble more than two frames without cutting off some data from the first
frame each time I request another frame via pinfo.desegment_len =
DESEGMENT_ONE_MORE_SEGMENT (see commented line in the script below).
do -- namespace
-- declare our protocol
proto = Proto("myProto", "My Protocol")
protoFrameSize = 480
protoMaxPayload = 54
getTs = Field.new("rtp.timestamp")
function proto.dissector(buffer, pinfo, tree)
if ((getTs().value / protoFrameSize) % 3) < 2 then
tree:add(proto, buffer(0, buffer:len()), "incomplete: " ..
buffer:len())
pinfo.desegment_offset = getTs().value / protoFrameSize
-- pinfo.desegment_offset = 0 -- this does not work
pinfo.desegment_len = DESEGMENT_ONE_MORE_SEGMENT
return
else
tree:add(proto, buffer(0, buffer:len()), "complete: " .. buffer:len())
pinfo.desegment_len = 0
return
end
end
-- load the rtp.pt table
local rtpTable = DissectorTable.get("rtp.pt")
-- register our protocol to handle payload type ITU-T G.711 PCMA
rtpTable:add(8, proto)
end -- end of namespace
I have also a little example trace attached.
You are receiving this mail because:
- You are watching all bug changes.