Wireshark-dev: Re: [Wireshark-dev] Small [Patch] to H.323 VoIP calls

From: "Keith French" <keithfrench@xxxxxxxxxxxxx>
Date: Sun, 30 Jul 2006 15:34:18 +0100
Just a thought...when you use VoIP Calls to filter one call, the only way that I can currently see of analysing these two RTP streams is:-

1) Add to filter string - "or rtp.setup-frame eq xxx or rtp.setup-frame eq yyy" for the two streams, so as you have the complete call.

2) Save only the displayed packets as a new file

3) Then the RTP Stream Analysis on this file.

This is because the Stream Analysis currently looks at all RTP streams in the trace.

Would it be possible to slightly improve this so as you do the analysis just on the call currently filtered?

Keith French.

----- Original Message ----- From: "Keith French" <keithfrench@xxxxxxxxxxxxx>
To: "Developer support list for Wireshark" <wireshark-dev@xxxxxxxxxxxxx>
Sent: Friday, July 28, 2006 10:00 PM
Subject: Re: [Wireshark-dev] Small [Patch] to H.323 VoIP calls


Ronnie & Martin,

Thanks for your efforts I have just tried the 18804 build and it is perfect.

By the way, the release notes for 0.99.2 mentioned that the RTP Play feature just missed the Windows installer & that it would be available in 0.99.3. Is
it in the 18804 build, I've looked & can't see it?

Keith.

----- Original Message ----- From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
To: "Developer support list for Wireshark" <wireshark-dev@xxxxxxxxxxxxx>
Sent: Friday, July 28, 2006 8:53 AM
Subject: Re: [Wireshark-dev] Small [Patch] to H.323 VoIP calls


checked in

Keith,   can you verify this solves your problem?
Also,   there is no page for H450 on the wiki    wiki.wireshark.org
maybe you can add a small page with some information about this
protocol?


you dont have to wait for the next release.
you can test on win32 using the automatically prerelease builds that
are available from
http://www.wireshark.org/download/automated/win32

please try SVN version 18804 or later



On 7/27/06, Martin Mathieson <martin.mathieson@xxxxxxxxxxxx> wrote:
Thanks for the capture, Keith.  The problem was with h450 hf fields that
weren't initialised sucessfully (at all in one case, or with non-unique
filter strings in several others) - it was hitting an assertion in
proto.c
when an attempt was made to use those fields.

I was able to test by editing packet-h450.c directly, I couldn't
regenerate
it from packet-h450-template.c.  I'm attaching a patch to
packet-h450-template.c that hopefully does the same thing.  If someone
can
generate and check it packet-h450.c in for me I'll retest.

Thanks,
Martin
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.4/402 - Release Date: 27/07/2006




--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.5/403 - Release Date: 28/07/2006

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.5/403 - Release Date: 28/07/2006




--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.5/403 - Release Date: 28/07/2006