Wireshark-users: Re: [Wireshark-users] RTP statistics via command line

From: "Anders Broman" <anders.broman@xxxxxxxxxxxx>
Date: Mon, 12 Jan 2009 12:40:22 +0100
> Bytheway i'm using wireshark 1.02 on linux, since 1.04 and 1.05 
> results in false negatives in the MPEG TS stream decode (but that's 
> another bug;)
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3074
Don't hold your breth on getting this fixed as I don't think any one of
the active mantaners has access to the specs.
Regards
Anders 

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Sake Blok
Sent: den 12 januari 2009 12:35
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] RTP statistics via command line

On Mon, Jan 12, 2009 at 11:08:51AM +0000, MKS wrote:
> >> 2) decode as RTP
> >
> >tshark should find the same rtp streams as Wireshark does, but if 
> >they don't find all the streams, you might want to look for rtp in 
> >every stream with:
> 
> >... -o rtp.heuristic_rtp:TRUE ...
> 
> Well I tried that, the thing is that i'm trying to decode MPEG TS7/RTP

> stream and wireshark is unable to decode the UDP stream unless I do 
> "decode as RTP. "
> rtp.heuristic_rtp doesn't do exactly that.
> 
> All I get is blank stats
> ========================= RTP Streams ========================
>     Src IP addr  Port    Dest IP addr  Port       SSRC
> Payload  Pkts         Lost   Max Delta(ms)  Max Jitter(ms) Mean
> Jitter(ms) Problems?
> ==============================================================
> 
> Is there some other option that do "decode as RTP" on the command
line?

Yes, you can use the -d option like this (performed on the trace in the
below mentioned bug report:

$ tshark -r Wireshark-1.0.4_MPEG-decode-bug_20081119.cap -d
udp.port==80,rtp | head -3
  1   0.000000  10.199.0.54 -> 233.22.133.240 RTP PT=MPEG-II transport
streams, SSRC=0x0, Seq=18109, Time=3664199842
  2   0.003923  10.199.0.54 -> 233.22.133.240 RTP PT=MPEG-II transport
streams, SSRC=0x0, Seq=18110, Time=3664200221
  3   0.008133  10.199.0.54 -> 233.22.133.240 RTP PT=MPEG-II transport
streams, SSRC=0x0, Seq=18111, Time=3664200601

sablo@BLOK /cygdrive/c/temp
$

> Bytheway i'm using wireshark 1.02 on linux, since 1.04 and 1.05 
> results in false negatives in the MPEG TS stream decode (but that's 
> another bug;)
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3074
> 
> >Is this what you are looking for?
> 
> Close but not there yet

Getting closer I hope ;-)

Cheers,
    Sake
________________________________________________________________________
___
Sent via:    Wireshark-users mailing list
<wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe