Hi all,
A newbie question here. I have been using Wireshark for only a couple
of days now. I downloaded the binary 1.2.9 for Windows and managed to
capture a few transport packets - UDP containing RTP. The
conversation uses H.264 video bitstream.
I instructed Wireshark to "Decode As" -> "Transport UDP source port(s)
as" RTP. I saw that the payload-type is DynamicRTP-Type-96 so then in
the Edit->Preferences-Protocols-H264, I selected the payload type as
96.
This really helped me and I could see the packet headers and even the
payload. However, I am unable to dissect the H264 bitstream.
Wireshark shows something like follows and doesn't go inside the "H264
bitstream". I downloaded the source for Wireshark and found
wireshark-1.2.9/epan/dissectors/packet-h264.c which suggests that I
should be able to see the syntax elements and various other fields as
well.
Obviously, I am doing something wrong and/or stupid. Please advice.
Any pointers greatly appreciated.
Thanks and regards,
Anirud
--------- One selected packet was exported to text file as follows --------
Real-Time Transport Protocol
10.. .... = Version: RFC 1889 Version (2)
..0. .... = Padding: False
...1 .... = Extension: True
.... 0000 = Contributing source identifiers count: 0
0... .... = Marker: False
Payload type: DynamicRTP-Type-96 (96)
Sequence number: 35525
Timestamp: 2966614680
Synchronization Source identifier: 0x00000001 (1)
Defined by profile: 48862
Extension length: 3
Header extensions
Header extension: 1711276032
Header extension: 2615214809
Header extension: 1912602625
H.264
NAL unit header or first byte of the payload
0... .... = F bit: No bit errors or other syntax violations
.01. .... = Nal_ref_idc (NRI): 1
...1 1000 = Type: STAP-A (24)
H264 bitstream