search

mbakholdina / lib-tcpdump-processing

Library designed to process .pcap(ng) tcpdump or Wireshark trace files and extract SRT packets of interest for further analysis
15 stars 3 forks source link

[FR] Decode packets on a certain UDP port as SRT #31

Closed maxsharabayko closed 1 year ago

maxsharabayko commented 3 years ago

There might be cases when SRT handshake is not present in the network capture. However, it is known that SRT goes over a certain UDP port. In this case, in Wireshark a user can right click on a packet and select "Decode As" -> "SRT".

The same can be done with tshark: tell to decode packets on a certain UDP port as SRT.

-d udp.port==#,srt

Feature request: Add an optional CLI option to specify which UDP port to decode as SRT.

The function convert_to_csv can be modified to (TODO add UDP port as an argument):

def convert_to_csv(
    filepath: pathlib.Path,
    overwrite: bool=False
) -> pathlib.Path:
    args = [
        'tshark',
        '-r', str(filepath),
        '--disable-protocol', 'udt',
        '-d', 'udp.port==1101,srt',       # Decode As SRT!!!
        '-Y', 'srt',
mbakholdina commented 1 year ago

TODO:

mbakholdina commented 1 year ago

Implemented.