
Wireshark does not find existing RTP stream

asked 2021-04-23 09:58:05 +0000

lsmod

updated 2021-04-23 10:08:43 +0000

This question was already asked in 2011, but the answer no longer fits newer versions of Wireshark. https://osqa-ask.wireshark.org/questi...

The problem still exists now.

An RTP stream seems to be found only when it is captured completely. When the capture begins after the stream has been established, Wireshark seems not to find it.

Why?

The option "Try to decode RTP outside of conversations" does not exist any more in Wireshark Version 2.6.20.

What must be done to find an RTP stream that definitely exists?

Thanks for any hint.


Comments

Have you tried 3.4.x in this regard? 2.6 is ..... rather old.

hugo.vanderkooij ( 2021-04-23 11:13:37 +0000 )

No, because this Wireshark is part of Debian 10 (stable).

Maybe there are newer packages, but not in buster-backports.

Then Debian 11 is needed - there it is wireshark_3.4.4-1_amd64.deb

lsmod ( 2021-04-23 11:18:05 +0000 )

2.6.x was EOL in October 2020. Any changes etc. would have to come from the distribution maintainers, i.e. Debian. See the Wireshark LifeCycle page for more info.

You can build your own copy of a supported version.

grahamb ( 2021-04-23 12:06:21 +0000 )

Thank you, but this is not really an answer to the question.

Normally a newer version cannot be compiled under Debian 10, because the versions of the dependent libraries are too old. So a completely new distribution of Debian must be installed to use one application, only in the hope that a special problem is fixed.

lsmod ( 2021-04-23 12:10:29 +0000 )

I agree that my comment doesn't answer the question, just pointing out that your options are limited if you can't move to a supported version.

You could try your capture with a supported version to see if the issue has been fixed, or share your capture here for others to check for you.

grahamb ( 2021-04-23 12:38:23 +0000 )

Another solution would be to try a distribution like Kali Linux that can be booted from a stick or in a virtual machine.

But I see that Kali Linux uses Wireshark 2.6.4 https://tools.kali.org/information-ga...

lsmod ( 2021-04-24 07:06:10 +0000 )

1 Answer


answered 2021-04-23 13:01:06 +0000

Jaap

Go to menu Analyze, select Enabled Protocols. Search for RTP. Tick 'rtp_udp'.


Comments

Yes - that's it - Thank You!

So this option is not gone - it has moved and has another name.

lsmod ( 2021-04-24 07:07:42 +0000 )
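
When a capture starts mid-call, the SIP/SDP exchange that announces the media ports is missing, so RTP can only be recognised from the UDP payloads themselves. The sketch below is an added example (not Wireshark's code and not from this thread) of that kind of heuristic check using the RFC 3550 fixed header; the flow tuples, SSRC values, `min_packets` and `max_gap` thresholds are assumptions, and the sample packets are constructed.

```python
import struct
from collections import defaultdict

def parse_rtp_header(payload):
    """Return fixed-header fields (RFC 3550), or None if this cannot be RTP v2."""
    if len(payload) < 12:
        return None
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", payload[:12])
    if b0 >> 6 != 2:                          # version field must be 2
        return None
    if len(payload) < 12 + 4 * (b0 & 0x0F):   # room for the CSRC list
        return None
    return {"pt": b1 & 0x7F, "seq": seq, "ts": ts, "ssrc": ssrc}

def find_rtp_streams(datagrams, min_packets=3, max_gap=16):
    """datagrams: iterable of (flow, udp_payload), flow = (src, sport, dst, dport).
    Returns {(flow, ssrc, payload_type): packet_count} for plausible streams."""
    seqs = defaultdict(list)
    for flow, payload in datagrams:
        hdr = parse_rtp_header(payload)
        if hdr:
            seqs[(flow, hdr["ssrc"], hdr["pt"])].append(hdr["seq"])
    streams = {}
    for key, s in seqs.items():
        # Sequence numbers must advance by a small step, modulo 2**16.
        ordered = all(0 < ((b - a) & 0xFFFF) <= max_gap for a, b in zip(s, s[1:]))
        if len(s) >= min_packets and ordered:
            streams[key] = len(s)
    return streams

def rtp(seq, ts, ssrc, pt=0):
    """Build a constructed RTP packet: V=2, no padding/extension/CSRC, 160-byte body."""
    return struct.pack("!BBHII", 0x80, pt, seq, ts, ssrc) + bytes(160)

# Constructed sample: a call joined mid-stream (no SIP/SDP), plus two non-RTP flows.
CALL = ("192.0.2.10", 16384, "192.0.2.20", 20000)
DNS = ("192.0.2.10", 53000, "192.0.2.53", 53)
NOISE = ("192.0.2.30", 4000, "192.0.2.40", 4001)   # starts with 0x80 by coincidence
SAMPLE = (
    [(CALL, rtp(s, 160 * i, 0x1234ABCD)) for i, s in enumerate([65534, 65535, 0, 1])]
    + [(DNS, bytes([0x12, 0x34, 0x01, 0x00]) + bytes(20))]
    + [(NOISE, rtp(s, 0, 0xDEADBEEF)) for s in [100, 9000, 42]]
)

if __name__ == "__main__":
    for (flow, ssrc, pt), n in find_rtp_streams(SAMPLE).items():
        print(flow, hex(ssrc), "PT", pt, n, "packets")
```

The version-bits test alone matches a quarter of all random payloads, which is why the sketch also requires a run of advancing sequence numbers (including the 65535 to 0 wrap) before calling a flow a stream.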
