I have a valid capture in pcap-ng format(version 1.0) using tshark command like this:
I want to extract RTP payload in binary format and store it in a file and be reproducible. I tried this to extract binary data in ASCII format:
But it produces empty output. I guess it fails because RTP packets are not detected as RTP streams, because if I open the original capture (capture_tshark_1.pcapng) with Wireshark this is what I see: It seems that the packets are detected as UDP, not as RTP. So I guess there is no such "rtp.payload" fields to be parsed. If this works I have a method to transform ASCII data to binary format. So, again, how can I extract RTP payload in binary format from a capture file? asked 28 Feb '17, 03:03 logoff edited 28 Feb '17, 04:37 grahamb ♦ |
One Answer:
Check Analyze|Enabled Protocols|RTP|rtp_udp answered 28 Feb '17, 04:05 Jaap ♦ |
I'm using tshark, not Wireshark.