Forcing decode of 'invalid' RTCP and RTP version
Hi,
I'm working on debugging a new implementation of a semi-proprietary VoIP system that uses RTP and RTCP. It doesn't introduce any new fields or anything as far as I can tell, though it repurposes some fields in weird ways. The trouble is that it identifies its RTP packets as version 1 and RTCP as version 3, which causes the dissector to quit and not attempt decoding.
Is there any way I can force this? Or any way to modify just the dissector without having to set up the entire build environment for Wireshark? Or can I bribe someone who already has the environment set up to build me a version that forces both of these to be treated as version 2?
Thanks!
Scott
"having to set up the entire build environment" varies by operating system.
(Chapter 2. Setup and Build Instructions)
Windows is a lot of steps but if you use the choco commands it goes pretty quick.
Or you can fork Wireshark on Github (https://github.com/wireshark/wireshark) and that comes with build actions. (My fork for testing Github actions: https://github.com/bubbasnmp/wireshark)
You could then modify the dissector in Github and it will build a Windows installer package.
Aha! Thank you for that! I'm an embedded systems developer and we're always like 10-15 years behind on development tools. I never use github other than for occasionally sharing some open source firmware projects and it didn't occur to me that I could build a forked repo like that. Took me 30 seconds of editing code and 45 minutes of tinkering with git and github, but I've got a build that parses the packets properly.
Thanks again!
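Added example, not part of the thread and not Wireshark's dissector code: a small Python decoder for the RFC 3550 RTP fixed header and RTCP common header that refuses any version other than 2 by default, and decodes the remaining fields anyway when `force` is set, which is the behaviour the question asks for. The function names and the two sample packets are constructed for illustration.

```python
import struct

RTP_VERSION = 2  # the only version RFC 3550 defines for RTP and RTCP

def _check_version(first_byte, force):
    version = first_byte >> 6          # top two bits of the first octet
    if version != RTP_VERSION and not force:
        raise ValueError(f"unsupported version {version}")
    return version

def parse_rtp(data, force=False):
    """Decode the fixed RTP header; force=True ignores the version field."""
    if len(data) < 12:
        raise ValueError("truncated RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", data[:12])
    version = _check_version(b0, force)
    cc = b0 & 0x0F                     # number of 32-bit CSRC entries
    end = 12 + 4 * cc
    if len(data) < end:
        raise ValueError("truncated CSRC list")
    return {
        "version": version, "forced": version != RTP_VERSION,
        "padding": bool(b0 & 0x20), "extension": bool(b0 & 0x10),
        "marker": bool(b1 & 0x80), "payload_type": b1 & 0x7F,
        "sequence": seq, "timestamp": ts, "ssrc": ssrc,
        "csrc": list(struct.unpack(f"!{cc}I", data[12:end])),
        "payload": data[end:],
    }

def parse_rtcp(data, force=False):
    """Decode the RTCP common header plus the SSRC that follows it in SR/RR."""
    if len(data) < 8:
        raise ValueError("truncated RTCP header")
    b0, pt, words, ssrc = struct.unpack("!BBHI", data[:8])
    version = _check_version(b0, force)
    return {
        "version": version, "forced": version != RTP_VERSION,
        "padding": bool(b0 & 0x20), "count": b0 & 0x1F,
        "packet_type": pt, "length_bytes": 4 * (words + 1), "ssrc": ssrc,
    }

# Constructed samples: RTP marked version 1, RTCP sender report marked version 3.
RTP_V1 = bytes.fromhex("4000" "0001" "000000a0" "1234abcd") + b"\xff" * 4
RTCP_V3 = bytes.fromhex("c0c8" "0006" "1234abcd") + bytes(20)

if __name__ == "__main__":
    print(parse_rtp(RTP_V1, force=True))
    print(parse_rtcp(RTCP_V3, force=True))
```

The `forced` flag in the result records that the packet did not carry version 2, so a decode produced this way is not mistaken for a standards-conformant stream.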