Hello,
I'm interested how Wireshark decodes RTP packets (which criteria is used to separate them from UDP). I'm trying to create a RTP packet flow using scapy, I' entering all the information needed in RTP hrader:
while seq < 10:
ip_layer = IP(src = "10.0.1.21", dst = "10.0.1.40")
udp_layer = UDP(sport = 16998, dport = 17000)
rtp_layer = RTP(version=2, padding=0, extension=0, marker=1, payload_type=8, sequence=seq, timestamp=10, sourcesync=0)
packet = ip_layer/udp_layer/rtp_layer
send(packet)
seq = seq + 1
time_s = time_s + 160
and still packets in wireshark are shown as UDP. I found an option in Preferences -> Protocols -> RTP "Payload Type for RFC2198" = 99 and wondered what 99 means (as didn't find any information on RFC document), maybe I need to add some kind of a special payload next to RTP header?.. Any help would be appreciated. Thanks in advance
