2024-07-22 21:30:04 +0000 | received badge | ● Notable Question (source) |
2024-07-22 21:30:04 +0000 | received badge | ● Famous Question (source) |
2021-06-27 03:47:03 +0000 | received badge | ● Popular Question (source) |
2021-06-25 09:22:04 +0000 | received badge | ● Notable Question (source) |
2021-06-25 09:22:04 +0000 | received badge | ● Popular Question (source) |
2021-03-31 23:04:36 +0000 | received badge | ● Famous Question (source) |
2021-02-15 13:09:57 +0000 | marked best answer | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Hi, I want Tshark to output RTP statistics to a textfile, but it only works in one direction. Reason is that in wireshark you need to "decode as" the packets as "STUN" packets, because sending side RTP is encapsulated inside STUN (receiving side works fine). Then it is correctly detected and handled as RTP traffic (picture) in wireshark, but not in tshark. :( I specified the working (decode as)Wireshark profile, but tshark still only show RTP statistics for one direction. tshark.exe -r .\Teams.pcapng -C "UDP VOIP (STUN)" -o "rtp.heuristic_rtp: TRUE" -qz rtp,streams >text.txt Questions: 1) Anyone knows how to make it work with tshark? Or... 2) Can you remove STUN headers with tshark/editcap so that it is detected as RTP traffic? Thank you
|
2021-02-14 23:49:19 +0000 | received badge | ● Commentator |
2021-02-14 23:49:19 +0000 | commented question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Works. Thanks |
2021-02-14 23:48:51 +0000 | commented question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Update: It works! Thanks for your reply. Unfortunately this did not change the result: tshark.exe -2 -r .\teams.pcapng |
2021-02-14 23:43:36 +0000 | commented question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Thanks for your reply. Unfortunately this did not change the result: tshark.exe -2 -r .\teams.pcapng -C "UDP VOIP (STUN |
2021-02-14 23:43:27 +0000 | commented question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Thanks for your reply. Unfortunately this did not change the result: tshark.exe -2 -r .\eams.pcapng -C "UDP VOIP (STUN) |
2021-02-14 22:47:51 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:34:19 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:33:04 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:29:39 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:27:11 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:26:41 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:24:33 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:24:15 +0000 | edited question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-02-14 22:23:05 +0000 | asked a question | Tshark doesnt detect RTP with "rtp.heuristic_rtp: TRUE" enabled Tshark doesnt detect RTP "rtp.heuristic_rtp: TRUE" Hi, I want Tshark to output RTP statistics to a textfile, but it only |
2021-01-26 12:42:18 +0000 | commented question | RTP - Display Lost Packets IO Graph + Sort question Thats true, but we captured with TAP devices and 20K $ Riverbed capture hardware. But your reply is mostly unrelated to |
2021-01-26 12:41:43 +0000 | commented question | RTP - Display Lost Packets IO Graph + Sort question Thats true, but we captured with TAP devices and 20K $ Riverbed capture hardware. https://support.riverbed.com/bin/suppo |
2021-01-26 11:16:50 +0000 | edited question | RTP - Display Lost Packets IO Graph + Sort question RTP - Display Lost Packets IO Graph + Sort question Hello Wireshark-Community, I am currently analyzing packet loss in s |
2021-01-26 11:12:47 +0000 | edited question | RTP - Display Lost Packets IO Graph + Sort question RTP - Display Lost Packets IO Graph + Sort question Hello Wireshark-Community, I am currently analyzing packet loss in s |
2021-01-26 11:12:26 +0000 | asked a question | RTP - Display Lost Packets IO Graph + Sort question RTP - Display Lost Packets IO Graph + Sort question Hello Wireshark-Community, I am currently analyzing packet loss in s |
2021-01-26 10:58:38 +0000 | marked best answer | Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points in the network. At Access-SW + WAN-Edge to figure out if there is packet loss inside LAN. At Access there was of course much less traffic, compared to WAN edge where everything aggregates. Now, on WAN-Edge-Capture I want to filter out all the conversations that did not source from access switch. So, is there a way to generate a Display/BPF Filter that only contains IP conversations from Access-SW capture file to that I can apply this filter to WAN-Edge capture file? I hope you understand my goal to only see common conversations that show up in both files? Thank you! |
2021-01-19 09:15:26 +0000 | commented question | Multi-Point capture - Generate filter from conversations in PCAP Thanks and good idea. The only drawback is that the subnet is not local to this switch only (it is spanned) and there ar |
2021-01-18 09:29:17 +0000 | edited question | Multi-Point capture - Generate filter from conversations in PCAP Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points i |
2021-01-18 09:28:33 +0000 | edited question | Multi-Point capture - Generate filter from conversations in PCAP Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points i |
2021-01-18 09:28:01 +0000 | edited question | Multi-Point capture - Generate filter from conversations in PCAP Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points i |
2021-01-18 09:23:15 +0000 | edited question | Multi-Point capture - Generate filter from conversations in PCAP Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points i |
2021-01-18 09:21:54 +0000 | edited question | Multi-Point capture - Generate filter from conversations in PCAP Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points i |
2021-01-18 09:21:06 +0000 | asked a question | Multi-Point capture - Generate filter from conversations in PCAP Multi-Point capture - Generate filter from conversations in PCAP Hello Wireshark-Community, we have two capture points i |
2021-01-15 15:29:55 +0000 | commented question | Proxy closes connection, not server/client. Why? It is: Trend Micro InterScan Web Security Virtual Appliance (IWSVA). No access to logs yet, as admin is not in office an |
2021-01-15 14:15:41 +0000 | edited question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:15:15 +0000 | edited question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:14:16 +0000 | edited question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:13:11 +0000 | edited question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:12:36 +0000 | edited question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:10:55 +0000 | edited question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:07:38 +0000 | asked a question | Proxy closes connection, not server/client. Why? Proxy closes connection, not server/client. Why? Hello Wireshark-Community, we have a challenge with our proxy server, b |
2021-01-15 14:02:09 +0000 | asked a question | Proxy closes connection with FIN. Not client/server. Why? Proxy closes connection with FIN. Not client/server. Why? Hello Wireshark-Community, we have a challenge with our proxy |
2020-11-12 10:55:10 +0000 | received badge | ● Popular Question (source) |
2020-11-12 10:55:10 +0000 | received badge | ● Notable Question (source) |
2020-05-06 04:57:12 +0000 | received badge | ● Popular Question (source) |
2019-10-02 10:08:14 +0000 | commented question | SMB2 - Suddenly only small block sizes requested by client We found a scheme when this happens. It happens for SMB database transfers only, after double-clicking the database file |
2019-10-02 10:06:59 +0000 | commented question | SMB2 - Suddenly only small block sizes requested by client We found a scheme when this happens. It happens for SMB database transfers only, after double-clicking the database file |
2019-10-01 09:21:28 +0000 | commented question | SMB2 - Suddenly only small block sizes requested by client Thanks, I will have a look at those outputs. |
2019-10-01 08:12:12 +0000 | edited question | SMB2 - Suddenly only small block sizes requested by client SMB2 - Suddenly only small block sizes requested by client Dear lovely community, one of our clients has problems with h |