Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

How wireshark decodes RTP packets from UDP


I'm interested how Wireshark decodes RTP packets (which criteria is used to separate them from UDP). I'm trying to create a RTP packet flow using scapy, I' entering all the information needed in RTP hrader:

while seq < 10:
  ip_layer = IP(src = "", dst = "")
  udp_layer = UDP(sport = 16998, dport = 17000)
  rtp_layer = RTP(version=2, padding=0, extension=0, marker=1, payload_type=8, sequence=seq, timestamp=10, sourcesync=0)
  packet = ip_layer/udp_layer/rtp_layer
  seq = seq + 1
  time_s = time_s + 160

and still packets in wireshark are shown as UDP. I found an option in Preferences -> Protocols -> RTP "Payload Type for RFC2198" = 99 and wondered what 99 means (as didn't find any information on RFC document), maybe I need to add some kind of a special payload next to RTP header?.. Any help would be appreciated. Thanks in advance