I discovered today that, Wireshark 1.8.6 does not display RFC2833 DTMF telephony events in VoIP call graph analysis anymore. It was a very convenient way to see, which DTMF digits are transmitted in the RTP packets. This example displays 7 DTMF digits and is taken with wireshark 1.8.3. The same trace shows only "RTP (telephone-event)" and not which digit is transmitted anymore as of (at least) wireshark 1.8.6. Which digit is transmitted, has to be figured out at the packet view. Is this a bug or may be enabled by a new option? Thanks & Greetings, Chris asked 22 Apr '13, 12:06  ChrisVoIP |
2 Answers:
That behavior changed between 1.8.5 (shows DTMF event info in graph) and 1.8.6 (does not show DTMF event info). Looks like a bug to me. Regards answered 22 Apr '13, 13:17  Kurt Knochner ♦ This is probably a side effect of the fix for bug 8321 (22 Apr '13, 14:07) Pascal Quantin @Pascal Quantin: Care to elaborate? (22 Apr '13, 14:16) Jaap ♦ @Jaap: reverting revision 47729 solves the issue. I do not have the time to dig further right now. (22 Apr '13, 15:41) Pascal Quantin |
This a regression tracked by bug 8610 and now fixed in the soon to be released 1.10rc1. The fix will also be backported in 1.8.7 and 1.6.15 releases. answered 24 Apr '13, 08:57  Pascal Quantin edited 24 Apr '13, 14:35 HI Wireshark Team, I report this problem with the latest wireshark Version 1.10.5 (SVN Rev 54262 from /trunk-1.10), the RTP DTMF digits are not displayed in the flow graph. However, the Version 1.6.8 (SVN Rev 42761 from /trunk-1.6) display the RTP DTMF digits in the flow graph for the same .pcapng file (21 Jan '14, 06:50) krash Could you share a capture showing the issue? The capture from Wireshark wiki http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=SIP_DTMF2.cap is working as expected with 1.10.5 (21 Jan '14, 14:38) Pascal Quantin
(03 Mar '14, 16:06) jrounds jrounds: we can't do anything about it without the capture file. We don't need everything - just the SIP messages with the SDP, and a few of the RTP packets. According to the screenshot you pasted above, SDP did setup the RTP flow, but didn't assign it to telephone-events. So even just seeing a screenshot of the SDP protocol details window might be sufficient. (04 Mar '14, 22:40) Hadriel Still not fixed in R1.12.6, the DTMF number is not shown. Any idea when the fix will be available? (30 Oct '15, 05:20) TechSupport Please provide a capture showing the issue (even better, create a bug report on https://bugs.wireshark.org and attach the capture here). Without it, we cannot look at the issue. I just tested the capture found here http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=SIP_DTMF2.cap with Wireshark 2.0rc2 and it works fine, so it means your use case is different. (31 Oct '15, 01:23) Pascal Quantin Pascal, as it seems that some people are bothered by this and similar issues more than me, I'll add my observations here:
(1.12.8 is the latest published stable release at the time of writing this.)
(31 Oct '15, 03:59) sindy I just tested Wireshark 1.12.8 and indeed it was broken again. But it's working as expected in Wiresahrk 2.rc2 (as stated above). Improvement requests must be done on https://bugs.wireshark.org (enhancement category) but be aware that the GTK UI is being deprecated and replaced by Qt UI starting from version 2.0. Don't worry, it suffers from the same sizing issue ;) If you face issues, please create bug reports with captures. Without it, do not expect to see things improving (as without pcap files showing the issues, we cannot fix bugs). If you have a doubt, simply fill one with pcap samples. If required, we will split it in several bugs if the root causes are different. (31 Oct '15, 11:26) Pascal Quantin showing 5 of 8 show 3 more comments |
Still not fixed in 1.10.5, subsequently it is not recognized by the rtp.event_id filter.
I am having this issue 64bit 1.12.4