如果wireshark无法识别某些类型的协议(RTSP,RTP,RTCP),如何强制Wireshark破译它们? [英] How can I force wireshark to decipher some types of protocols if it doesn't recognize them (RTSP,RTP, RTCP)?
问题描述
我正在尝试根据 http://www.csee.umbc.edu/~pmundur/courses/CMSC691C/lab5-kurose-ross.html 示例;我已经通过 RTSP 请求和流式 RTP 数据包成功与 VLC 通信;VLC 无法很好地识别带有 JPEG 负载的 RTP 数据包;这就是为什么我认为我发送格式错误的 RTP.我用wireshark嗅探它们并将它们与数据包进行比较,从gstreamer RTSP streamer和VLc的成功RTSP通信中嗅探出来.我很惊讶,我的 app&VLC 的 RTSP 和 RTP 请求在wireshark UI 中都被标记为简单的 TCP 和 UDP 数据包,而 gstreamer&VLC 的请求被标记为 RTSP、RTP、RTCP,甚至是 RTSP/SDP.
I'm trying to implement RTSP protocol in Java according to http://www.csee.umbc.edu/~pmundur/courses/CMSC691C/lab5-kurose-ross.html example; I have succeed up to successful communication with VLC via RTSP requests and streaming RTP packets; RTP packets with JPEG payload are not recognized by VLC well; that's why I supposed I send malformed RTP. I sniffed them with wireshark and compared them with packets, sniffed from successfull RTSP communication of gstreamer RTSP streamer and VLc. I was surprised, that both my app&VLC's RTSP and RTP requests were labeled in wireshark UI as simply TCP and UDP packets, while gstreamer&VLC's one were labeled as RTSP, RTP, RTCP, and even RTSP/SDP.
我真的很困惑,我不明白为什么在某些情况下,wireshark 将 VLC 的请求解析为纯 RTSP/RTP,而我的情况是纯 TCP/UDP 数据.至少,VLC 的请求没有格式错误,即使我是.
I'm really confused, I don't understand why VLC's requsts in some cases are parsed by wireshark as pure RTSP/RTP, and im my case as plain TCP/UDP data. At least, VLC's requests are not malformed, even if my are.
如何强制wireshark将该请求识别为某些特定协议?
How can I force wireshark to recognize that requests as some specific protocol?
推荐答案
右键单击数据包并选择解码为...".然后在传输"协议列表中选择RTP".
Right click on a packet and select "Decode as...". Then choose "RTP" in the list of "Transport" protocols.
如果你想解码一些定制的协议,你必须得到或编译一个解剖器,这可能很麻烦......幸运的是,PCAP格式很简单,直接插入它很容易(我碰巧上周刚做了一个,如果老板同意,我可能会开源).
If you want to decode some custom-made protocol, you'll have to get or compile a dissector, which can be quite troublesome... Fortunately, PCAP format is simple and plugin directly to it is easy (I happened to just have made one last week, I might make it Open Source if my boss agrees).
感谢@GuyHarris,他指出在检测到启动 RTP 会话的 SDP 数据包时会执行自动 RTP 解码.在Edit > Preferences"菜单中还有一个选项,在Protocols"树下选择RTP":尝试在对话之外解码 RTP".
Thanks to @GuyHarris who stated that automatic RTP decoding is performed when SDP packets are detected that initiate the RTP session. There also is an option in the "Edit > Preferences" menu, choosing "RTP" under the "Protocols" tree: "Try to decode RTP outside of conversations".
这篇关于如果wireshark无法识别某些类型的协议(RTSP,RTP,RTCP),如何强制Wireshark破译它们?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
