Revision history [back]

Hi,

I tried to decode a pcapng file via two different machines as title, but they showed two different results.

1.. MacOS: wireshark 3.4.4, had setup enable_protocol:rtp_udp, disable:rtp_event shows the packet is RTP or RTCP, then can decode

"en5","22:47:22.682346000 PST","801","0.031969","RTP","1.2.3.4","5.6.7.8","0xSSRC","rtp.timestamp","rtp.seq"

(ip and ssrc number I just replaced by making up)

2.. Linux server: wireshark 2.6.2, only command line environment, so not sure the same setting kick in or not (copy the MacOS .config/wireshark to linux machine.) but it shows

"en5","22:47:22.682346000 PST","801","0.031969","UDP","1.2.3.4","5.6.7.8",,,

Protocol shows UDP instead of RTP, and no rtp.ssrc information. (this is the same packet from the same pcapng file)

I want to know is that because configuration is not kicked in(how to check linux part if i don't have GUI)? or because wireshark version? or any other cause?

Thanks!

Hi,

I tried to decode a pcapng file via two different machines as title, but they showed two different results.

1.. MacOS: wireshark 3.4.4, had setup enable_protocol:rtp_udp, disable:rtp_event shows the packet is RTP or RTCP, then can decode

"en5","22:47:22.682346000 PST","801","0.031969","RTP","1.2.3.4","5.6.7.8","0xSSRC","rtp.timestamp","rtp.seq"

(ip and ssrc number I just replaced by making up)

2.. Linux server: wireshark 2.6.2, only command line environment, so not sure the same setting kick in or not (copy the MacOS .config/wireshark to linux machine.) but it shows

"en5","22:47:22.682346000 PST","801","0.031969","UDP","1.2.3.4","5.6.7.8",,,

Protocol shows UDP instead of RTP, and no rtp.ssrc information. (this is the same packet from the same pcapng file)

I want to know is that because configuration is not kicked in(how to check linux part if i don't have GUI)? or because wireshark version? or any other cause?

Thanks!