Unable to decode as srtp packet

asked 2018-04-02 19:11:33 +0000

My dissector is not being called for SRTP packets when I try to call my dissector using decode as.

answered 2018-04-02 21:58:55 +0000

Jaap gravatar image

Try enabling rtp_udp in enabled protocols. Somehow the conversation is not picked up.

Tried that, but no luck.

Hesse gravatar imageHesse ( 2018-04-03 03:53:19 +0000 )edit

So what do you exactly mean by 'my dissector is not being called'?

Jaap gravatar imageJaap ( 2018-04-03 05:06:05 +0000 )edit

I've a stream of srtp packets. And I've defined a dissector, lets say test which simply changes the protocol name in the column. When I export only the rtp packets and "decode as test", all the rtp packets now have protocol column name as "test", but if I export sdp packets along with rtp packets, When I try to run decode as test, the column name is not changing. I also tried binding the dissector to a port used by the rtp stream, but in presence of sdp packets, my dissector is not invoked.

Hesse gravatar imageHesse ( 2018-04-03 11:45:31 +0000 )edit

Because the SDP dissector defines the conversation which maps the UDP packets from the stream to the RTP dissector. That is why your dissector isn't getting called, when the relevant SDP is present in the capture.

Jaap gravatar imageJaap ( 2018-04-03 14:51:17 +0000 )edit

okay. So I'll have to bind my dissector before udp?

Hesse gravatar imageHesse ( 2018-04-03 17:32:28 +0000 )edit

