Malcolm Herbert wrote:
Actually I'm interested in looking at the MPEG stream for an audio
streaming project I'm working on - using a tool like wireshark which is
built for packet inspection is a great bonus ... :)
I had another shot at opening an MP3 file this morning from my Windows
host at work using 1.0.0 that I installed yesterday but I get the same
response - although I specify the file type to be 'MPEG
(*.mpeg;*.mpg;*.mp3)' the 'Format:' field says that WireShark is
detecting the file as an 'I4B ISDN trace'. Other MP3 files I have are
detected as 'CSIDS IPlog' ...
In both cases the decoded packet traces are a hash of bizarrely broken
protocols and packet fragments ...
Any thoughts?
Sounds like either the MP3 or those other wiretap modules' (or both)
heuristics are broken, er, not good enough.
I tried with some MP3s I had here and, sure enough, a lot of them showed
up as "I4B ISDN trace". That wiretap module has a fairly limited
heuristic check which could probably be improved. I'd suggest you open
a bug to track the problem.
(OTOH that module hasn't been updated substantially since 1999 and there
aren't any sample captures on the Wiki. Oh, OK, I did find one here:
http://ethereal.netmirror.org/lists/ethereal-dev/199912/msg00248.html )