Wireshark-users: [Wireshark-users] Using T-Shark. Please help me!
Hello,
First of all please sorry for my bad English…
I'm using T-Shark to capture RTCP packets and I find two types:
RTCP Receiver Report and RTCP Sender Report
I'm interested only in Receiver Reports because inside these packets there are some information I need, e.g., the interarrival jitter and so on.
But I don´t know how to access that fields. On the graphic mode it´s ok, it´s easy to see, but what I need is to save that information into a file for post processing reasons.
So in the T-shark command line I don't know how to save the information I need. I´ve tried the –e option and many others with no results.
Example: tshark -i 2 -t r -p -R rtcp > D:\val\dados\aaa.txt and the result is (only few packets):
9.773495 10.64.75.81 -> 10.64.75.79 RTCP Receiver Report Source description
9.773540 10.64.75.79 -> 10.64.75.81 ICMP Destination unreachable (Port unreachable)
11.053063 10.64.75.81 -> 10.64.75.79 RTCP Receiver Report Source description
If I use the –e option (for fields) I should write something like –e.rtcp.receiverreport(?).source1.interarrival jitter to access that field, but no results…
Finally, is there any way to save only the rtcp packets (and not ICMP and others)?
Can anyone help me, please?
Many thanks in advance.
Valentim.
