Wireshark mailing list archives

Re: VOIP .raw problem: Can't save forward direction in a file: Wrong length of captured packets!

From: nangergong <nangergong () gmail com>
Date: Mon, 21 Feb 2011 20:05:11 +0000

thank you!

so, are there any methods by which I can capture VOIP packets using
"tcpdump" and convert .pcap files into .raw files?
I can only capture VOIP stream via a remote command line window.



On Mon, Feb 21, 2011 at 7:49 PM, Jaap Keuter <jaap.keuter () xs4all nl> wrote:

Hi,

When taking this capture with tcpdump a snap length was applied, so that
not all of the RTP payload was saved in the capture file. With data missing
the RTP payload stream cannot be restored.

Thanks,
Jaap


On 02/20/2011 10:41 PM, nangergong wrote:

hi, all

  I used tcpdump to capture VOIP traffic on linux platform. The
captured data are in .pcap format

  And then I opened the .pcap using wireshark.

 I've configured the preference->protocol->SSL->RSA keylist, so if I
used wireshark for capturing VOIP traffic, the wireshark GUI will show
the RTP format and RTCP packets. But if I open the .pcap files which are
captured by tcpdump, I need to mannually decode those UDP packets as RTP
packets.

  After decoding UDP->RTP and RTCP, I used VOIP->RTP->RTP Stream
Analysis to extract .raw from these packets. However, when I want to
save these .raw files, Wireshark prompts:

*Can't save forward direction in a file: Wrong length of captured packets!

 Does anyone know how to tackle this problem? Thank you!
*

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
           mailto:wireshark-users-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

VOIP .raw problem: Can't save forward direction in a file: Wrong length of captured packets! nangergong (Feb 20)
- Re: VOIP .raw problem: Can't save forward direction in a file: Wrong length of captured packets! Jaap Keuter (Feb 21)
  - Re: VOIP .raw problem: Can't save forward direction in a file: Wrong length of captured packets! nangergong (Feb 21)
    - Re: VOIP .raw problem: Can't save forward direction in a file: Wrong length of captured packets! Guy Harris (Feb 21)