Ethereal-dev: Re: [Ethereal-dev] Plugin for making RTP analysis

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Martin Regner" <martin.regner@xxxxxxxxx>
Date: Wed, 15 Jan 2003 18:34:19 +0100
Hi,

>>On Wed, Jan 15, 2003 at 08:01:34AM +0100, Miha Jemec wrote:
>>>I use Ethereal in my every day life a lot and you are doing a great job 
>>>- thanks a lot. Since we use it for testing our VoIP equipment we added 
>>>a "plugin" that makes RTP analysis and has the following features:
>>>    


Very interesting! 

In the file you say "problem with filter let's some ICMP packets through the RTP filter. Why?".

I guess that it is, e.g., an ICMP message with e.g. "unreachable destination (port unreachable)" corresponding to sent
RTP packets, and that the ICMP message contains a part of the sent RTP packet (the port numbers
in the IP-header included in the ICMP unreachable destination message will then correspond to the RTP port numbers).
http://www.freesoft.org/CIE/RFC/792/3.htm

You could maybe combine the display filter you are already using (ip-addresses and port-numbers)
with a condition to avoid the packets that are ICMP packets, e.g. something like:
"ip.src == 10.10.10.20 and udp.srcport == 32091 and ip.dst == 10.10.10.21 and udp.dstport == 32091 and not icmp"

I have not looked at your program in much detail yet, so I don't have many other comments yet.

Maybe it would be good to be able to save a file in the file format used by rtpdump/rtpplay (I think there are some other
programs that use this format also).
http://www.cs.columbia.edu/IRT/software/rtptools/

Regards,
 Martin
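
Added example (not part of the original message and not Ethereal code): a Python model of why the address-and-port filter discussed above also matches an ICMP port-unreachable reply, and how the "not icmp" condition excludes it. The packet bytes are constructed, and the helper names (ipv4, udp, icmp_port_unreachable, dissect, stream_filter) are hypothetical; dissect only approximates how display-filter fields are collected.

```python
import struct
from collections import defaultdict

ICMP, UDP = 1, 17

def ipv4(src, dst, proto, payload):
    """Constructed 20-byte IPv4 header (checksum left at 0) followed by payload."""
    a = lambda s: bytes(map(int, s.split(".")))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, proto, 0, a(src), a(dst)) + payload

def udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def icmp_port_unreachable(original):
    """RFC 792 type 3 / code 3: carries the original IP header + first 8 bytes."""
    ihl = (original[0] & 0x0F) * 4
    return struct.pack("!BBHI", 3, 3, 0, 0) + original[:ihl + 8]

def dissect(pkt):
    """Collect field values from the outer headers AND from a datagram embedded
    in an ICMP destination-unreachable message (assumed dissector behaviour)."""
    f = defaultdict(set)
    while len(pkt) >= 20:
        ihl = (pkt[0] & 0x0F) * 4
        f["ip.src"].add(".".join(map(str, pkt[12:16])))
        f["ip.dst"].add(".".join(map(str, pkt[16:20])))
        proto, body = pkt[9], pkt[ihl:]
        if proto == UDP and len(body) >= 8:
            sport, dport = struct.unpack("!HH", body[:4])
            f["udp.srcport"].add(sport)
            f["udp.dstport"].add(dport)
            f["protocols"].add("udp")
        if proto == ICMP and len(body) >= 8 and body[0] == 3:
            f["protocols"].add("icmp")
            pkt = body[8:]  # continue into the embedded original datagram
            continue
        break
    return f

def stream_filter(f, src, sport, dst, dport, exclude_icmp=False):
    """True if every field value occurs anywhere in the packet, like the filter above."""
    hit = (src in f["ip.src"] and sport in f["udp.srcport"]
           and dst in f["ip.dst"] and dport in f["udp.dstport"])
    return hit and not (exclude_icmp and "icmp" in f["protocols"])

# Constructed sample: one RTP packet and the ICMP error a closed port would return.
RTP = ipv4("10.10.10.20", "10.10.10.21", UDP, udp(32091, 32091, b"\x80\x00" + bytes(10)))
ERR = ipv4("10.10.10.21", "10.10.10.20", ICMP, icmp_port_unreachable(RTP))
STREAM = ("10.10.10.20", 32091, "10.10.10.21", 32091)
```

Calling stream_filter(dissect(ERR), *STREAM) shows the ICMP error passing the plain filter; adding exclude_icmp=True rejects it while the RTP packet still matches.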