Reassemble rtp payload to IP frames

asked 2018-11-27 16:16:53 +0000

anonymous user



I am trying to analyze a complex protocol. My computer receives RTP/UDP/IP data, where each UDP frame contains only one RTP frame. But these RTP frames form a stream that also must be analyzed to another RTP/UDP/IP stream : that's a protocol stack that looks like RTP/UDP/IP/RTP/UDP/IP. I am especially interested into the inner layers of this stack.

However, if I could configure wireshark to interpret the UDP "Data" payload, I cannot ask it to do the same task on the RTP payload. It seems that there is an option somewhere that I am missing. Selecting the RTP payload and choosing "Decode as" > IPv4, just replace the RTP protocol line by an (therefore invalid) IPv4 protocol line.

  • Is there an option in wireshark to export all the RTP payloads concatenated one after another, then reading this file with Wireshark to interpret the inner RTP/UDP/IP protocol stack ?
  • Is there an option in wireshark to reassemble IP packets, on the same way HTTP seems to support ?

Thanks in advance for your help !

edit retag flag offensive close merge delete