Wireshark-dev: Re: [Wireshark-dev] listen_rtp plugin

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Alejandro Vaquero <alejandrovaquero@xxxxxxxxx>
Date: Sun, 02 Jul 2006 15:27:46 -0700


Guy Harris wrote: 
Anders Broman wrote:

  
I have checked in the plugin files for now there are some problems
With applying the change to the makefiles can you please redo the
Patch against the current SVN. I would also suggest to leave 
"PORTAUDIO" commented out in these first checkins.
There are also some warnings from voip_calls.c
    
At least part of the problem is that the dissector calling mechanism is 
being hijacked to call what's really more like a tap.
Yes, I did that because that was the only way (at least that I found) to execute a procedure in a plugin with different parameters. I used the same "dissector" procedure to:
- Reset the listen_rtp
- Add an RTP packet to be used by the listen_rtp
- To display the listen_rtp window when the "listen" button is clicked.

Maybe we need a more cleaner solution for this?
I have a version with the listen_rtp stuff in the gtk directory as 
builtin code rather than as a plugin, so it doesn't use the dissector 
calling mechanism in that fashion, and with configure-script and nmake 
file conditionalization so it should build with or without PortAudio. 
It builds on OS X.

However, it doesn't actually play anything on the sample capture.

It appears that the problem is that, at least for the call in the 
capture, which was set up with H.323, only the setup packets are treated 
as part of the call, not the RTP packets - the graph for the call shows 
only the H.225 and H.245 packets.

This means that mark_rtp_stream_to_play() will not find 
rsi->first_frame_number anywhere in the list of packets in the graph, 
and thus won't mark the stream as a stream to be played.

Is it intentional that only the setup calls, not the voice traffic, are 
in the graph?
If there is RTP in the capture that belong to that h323 call, the graph should also display it but only the first RTP packet and with a double line arrow. Are you sure RTP is part of your capture?
I just added a new SIP call that also has G711 RTP in the Wiki Sample Captures, so you can test it:
http://wiki.wireshark.org/SampleCaptures?action="">
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev