Hello I've been using the "mpeg_dump.lua" wireshark script ( http://wiki.wireshark.org/mpeg_dump.lua ) in order to get the Mpeg Stream from UDP packets. I would like to explain a little bit my test scenario: 1.- I have 2 Set Top Boxes (STB with Ethernet connection), one with internal HDD and the other one without internal HDD. 2.- I have IPTV service 3.- If i do watch Live TV (IPTV) in any STB, and also I get at the same time the packets on wireshark, I can see the UDP packets, then once I select "decode as --> RTP" I can see the MPEG-TS Packets and save the mpeg video by using the mentioned Dump tool (mpeg_dump.lua). You can download and check the dump file "IPTV_Channel_LIVE.pcapng" (around 60mb) and test what I saying in this point. If you just made a "follow UDP stream" from the "IPTV_Channel_LIVE.pcapng" file and then save the result as RAW with .ts or .mpg extension you also will able to watch the same video BUT with garbage pixels LIKE if the video is scrambled.. but is not! because I'm able to clean and save that video by using the dump tool script. (this information is important to the results of the next point) "IPTV_Channel_LIVE.pcapng": https://mega.co.nz/#!SAZxEToB!UwY9IELlq5ElLuFGgrE-m0bTPRMGybvrGt17YTThO4A 4.- The problem is when I want to capture the MPEG-TS packets from an already recorded channel, stored in the STB with internal HDD (IP 192.168.1.153). In order to capture the packets I made a port mirroring on a router that I have between the STB's, the one with internal HDD and the STB WITHOUT HDD (IP 192.168.1.154). Then in this last STB I look for the recordings that I have stored in the other one and then play it. What I got are HTTP packets sent from 192.168.1.153 to 192.168.1.154. and it seems like a UNICAST broadcast. If i do a "Follow TCP" and then "save the dump in RAW data" (with .mpg or .ts extension) you will be able to watch something in your player (VLC or Media Player Classic) but with garbage pixels LIKE if the video is scrambled.. but is not!!!. I have no way to "decode as --> RTP" the HTTP packets. If i do try to "File --> EXPORT --> Http", i get many many little HTTP files, that can not be reproduced alone. As you can see the RAW file has the same garbage pixels like the UDP stream got in a NORMAL LIVE IPTV capture (when you save it as RAW from the "follow UDP stream)(point 3.-), so the problem here for me is how to dump rightly the HTTP packets in order to get a clean video. Please check the following wireshark captured file in order to evidence the explained at this point: "IPTV_RECORDED_CHANNEL.pcapng" (you will see the video is GET as http.. GET /dvrfs/v290.......) https://mega.co.nz/#!TE4mDToZ!MYbPFrhA9PdK27SQh9AvZxfwHWnn6WWH6sdmcYeZKII
"IPTV_RECORDED_CHANNEL_-_2_Recordings.pcapng": https://mega.co.nz/#!mQR1WCQS!NeCgww3sEsk79i2tRdVPUwgj_BW2OkHpfE3GpZ_39OY Please I'm asking for your help in order to get the mpeg-ts stream from the recorded videos on the STB with HDD. Please fell free to ask any question and thanks in advance for your help and support! Regards! PD: sorry for my bad english :/ asked 21 Aug '14, 10:31  Bellower |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
